174 matches found
AZL-44763 CVE-2022-23639 affecting package ripgrep 13.0.0-12
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...
CVE-2022-23639
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...
CVE-2022-23639
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...
Design/Logic Flaw
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...
UBUNTU-CVE-2022-23639
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...
CVE-2022-23639
The CVE-2022-23639 issue affects crossbeam-utils prior to 0.8.7, where alignment of {i,u}64 was assumed to match Atomic{I,U}64. On some 32-bit targets, {i,u}64 alignment can be smaller than Atomic{I,U}64, leading to unaligned memory accesses and data races when using fetch_* with AtomicCell. 32-b...
CVE-2022-23639 Improper Restriction of Operations within the Bounds of a Memory Buffer and Race Condition in crossbeam-utils
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...
CVE-2022-23639 Improper Restriction of Operations within the Bounds of a Memory Buffer and Race Condition in crossbeam-utils
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...
CVE-2022-23639 Improper Restriction of Operations within the Bounds of a Memory Buffer and Race Condition in crossbeam-utils
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...
CVE-2022-23639
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...
crossbeam 竞争条件问题漏洞
crossbeam is a tool for individual developers that applies to concurrent programming. A competitive conditions issue vulnerability exists in crossbeam that arises from improper design or implementation during code development of a networked system or product...
RUSTSEC-2022-0041 Unsoundness of AtomicCell<*64> arithmetics on 32-bit targets that support Atomic*64
Impact Affected versions of this crate incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a 32-bit target can be smaller than AtomicI,U64. This can cause the following problems: - Unaligned memory accesses - Data race Crates usin...
ABC-ECS (>=0.1.4 <=0.2.1), ABC_Game_Engine (>=0.1.0 <=0.1.2) +29852 more potentially affected by CVE-2022-23639 via crossbeam-utils (>=0.1.0 <=0.8.21)
crossbeam-utils CARGO version =0.1.0, =0.1.4, =0.1.0, =0.1.2, =0.1.0, =0.1.0, =0.1.8, =0.1.0, =0.0.0, =0.1.2, =0.1.0, =0.0.8, =0.1.0, =1.0.1 - GuiNistRs =0.1.0 - HPGO =0.9.2 and more Source cves: CVE-2022-23639 Source advisory: OSV:RUSTSEC-2022-0041...
Unsoundness of AtomicCell<*64> arithmetics on 32-bit targets that support Atomic*64
Impact Affected versions of this crate incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a 32-bit target can be smaller than AtomicI,U64. This can cause the following problems: - Unaligned memory accesses - Data race Crates usin...
openSUSE 15 Security Update : MozillaThunderbird (openSUSE-SU-2021:1635-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1635-1 advisory. - An issue present in lowering/register allocation could have led to obscure but deterministic register confusion failures in JITted code...
Security update for MozillaThunderbird (important)
openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2021:4150-1 Rating: important References: 1182863 1189547 1190244 1190269 1191332 1192250 1193485 Cross-References: CVE-2021-29981 CVE-2021-29982 CVE-2021-29987 CVE-2021-29991 CVE-2021-32810 CVE-2021-384...
firefox security update
CentOS Errata and Security Advisory CESA-2021:3791 An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CentOS 7 : firefox (RHSA-2021:3791)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3791 advisory. - crossbeam-deque is a package of work-stealing deques for building task schedulers when programming in Rust. In versions prior to 0.7.4 and 0.8.0, the...
Oracle Linux 7 : thunderbird (ELSA-2021-3841)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-3841 advisory. 91.2.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.2.0-1 - Update to 91.2.0 build1 91.1.2-1 - Upda...
CentOS 8 : thunderbird (CESA-2021:3838)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:3838 advisory. - rust-crossbeam-deque: race condition may lead to double free CVE-2021-32810 - Mozilla: Use-after-free in MessageTask CVE-2021-38496 - Mozilla:...