EUVD-2021-1806

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2021-26956

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because bytes from an X server can be interpreted as any data...

Linux Distros Unpatched Vulnerability : CVE-2021-26958

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because transmutation to the wrong type can happen after...

CVE-2021-26955

An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because xcb::xproto::GetAtomNameReply::name calls std::str::fromutf8unchecked on unvalidated bytes from an X server...

CVE-2021-26958

An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because transmutation to the wrong type can happen after xcb::base::castevent uses std::mem::transmute to return a reference to an arbitrary type...

CVE-2021-26957

An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because there is an out-of-bounds read in xcb::xproto::changeproperty, as demonstrated by a format=32 T=u8 situation where out-of-bounds bytes are sent to an X server...

Rust Resource Management Error Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Rust xcb crate through 2020-12-10 A resource management error vulnerability exists that stems from the presence of the public ptr field and can lead to use-after free or double-free...