CVE-2020-36461

An issue was discovered in the noisesearch crate through 2020-12-10 for Rust. There are unconditional implementations of Send and Sync for MvccRwLock...

CVE-2020-36462

CVE-2020-36462 concerns the Rust crate syncpool (pre-0.1.6) where Bucket2 unconditionally implements Send, allowing non-Send types (e.g., Cell, Rc) to be sent across threads. This enables data races and potential memory corruption. The fix adds a T: Send bound to the Send implementation (commit 1...

CVE-2020-36463

CVE-2020-36463 affects the Rust multiqueue crate. The issue is described as unconditional implementations of Send for the inner types InnerSend, InnerRecv, FutInnerSend, and FutInnerRecv. This design allows users to send non‑Send types to other threads, which can lead to data race bugs or other u...

CVE-2020-36463

An issue was discovered in the multiqueue crate through 2020-12-25 for Rust. There are unconditional implementations of Send for InnerSend, InnerRecv, FutInnerSend, and FutInnerRecv...

CVE-2020-36464

CVE-2020-36464 affects the Rust crate heapless (versions before 0.6.1). The vulnerability lies in the IntoIter Clone implementation, which clones the entire underlying Vec without considering whether it has already been partially consumed. The impact is not explicitly detailed in the provided doc...

CVE-2020-36464

An issue was discovered in the heapless crate before 0.6.1 for Rust. The IntoIter Clone implementation clones an entire underlying Vec without considering whether it has already been partially consumed...

CVE-2020-36465

The CVE-2020-36465 issue affects the Rust generic-array crate before 0.13.3. The root cause is a soundness problem caused by using the arr! macro to extend lifetimes. This aligns with multiple sources describing a memory-safety/soundness vulnerability in generic-array (pre-0.13.3). The connected ...

CVE-2020-36465

An issue was discovered in the generic-array crate before 0.13.3 for Rust. It violates soundness by using the arr! macro to extend lifetimes...

CVE-2020-36465

An issue was discovered in the generic-array crate before 0.13.3 for Rust. It violates soundness by using the arr! macro to extend lifetimes...

CVE-2020-36466

CVE-2020-36466 affects the Rust crate cgc (Ptr type) with multiple soundness issues. The Ptr type implements Send and Sync for all types, enabling potential data races by sending non-thread-safe data across threads. In addition, Ptr::get violates mutable aliasing rules by returning multiple mutab...

CVE-2020-36466

An issue was discovered in the cgc crate through 2020-12-10 for Rust. Ptr implements Send and Sync for all types...

CVE-2020-36467

The CVE-2020-36467 entry concerns the Rust crate cgc . The root cause is that Ptr::get returns multiple mutable references to the same object, violating alias rules. Multiple connected sources describe this issue and note potential data races when the crate is used across threads. The records ref...

CVE-2020-36467

An issue was discovered in the cgc crate through 2020-12-10 for Rust. Ptr::get returns more than one mutable reference to the same object...

CVE-2020-36468

The CVE-2020-36468 entry concerns the Rust crate cgc . The vulnerability is centered on the function Ptr::write , which performs non-atomic writes to the underlying pointer. Several connected records (e.g., RH:CVE-2020-36468, NVD entry, OSV advisories) describe this as a potential data race when ...

CVE-2020-36468

An issue was discovered in the cgc crate through 2020-12-10 for Rust. Ptr::write performs non-atomic write operations on an underlying pointer...

CVE-2020-36469

An issue was discovered in the appendix crate through 2020-11-15 for Rust. For the generic K and V type parameters, Send and Sync are implemented unconditionally...

CVE-2020-36469

The CVE-2020-36469 entry describes a data-race risk in the Rust appendix crate (Index) where Send and Sync are implemented unconditionally for generic K and V. This can permit multi-threaded usage with non-Send/Sync types, potentially causing data contention or races when these types populate the...

CVE-2020-36470

An issue was discovered in the disrustor crate through 2020-12-17 for Rust. RingBuffer doe not properly limit the number of mutable references...

CVE-2020-36470

CVE-2020-36470 affects the Rust crate disrustor, specifically the RingBuffer component. The root cause is that RingBuffer does not properly limit the number of mutable references, which can allow multiple mutable references to be created. This leads to potential data races and undefined behavior....

CVE-2020-36471

CVE-2020-36471 concerns the Rust generator crate prior to 0.7.0, where the yielding function does not enforce Send bounds on the value yielded, while the Generator type is Send. This mismatch allows potential data races when generators are used across threads with non-Send components (e.g., Rc) i...