CVE-2020-36318

In the standard library in Rust before 1.49.0, VecDeque::makecontiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or double free...

CVE-2020-36318

CVE-2020-36318 affects Rust’s standard library VecDeque::make_contiguous, where a condition can cause the same element to be popped more than once, leading to use-after-free or double-free. Multiple advisories (RHEL/CentOS 8, Rocky Linux, Oracle Linux, CentOS) reference this issue alongside CVE-2...

CVE-2020-36318

In the standard library in Rust before 1.49.0, VecDeque::makecontiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or double free...

Mozilla Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in the Rust standard library prior to version 1.49.0, which stems from the fact that it allows a non-UTF-8 Rust string to be created when there is a problem with the suppli...

Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in the Rust standard library prior to version 1.2.0, which stems from the binary heap being in a failure to agree state when comparing generic elements of sift up or...

Mozilla Rust 资源管理错误漏洞

Rust is a systems programming language characterized by fast operation, the ability to prevent segmentation errors, and thread-safety. A reuse-after-release and double-release vulnerability exists in standard inventory in versions of Rust prior to 1.49.0. The vulnerability stems from...

CVE-2021-28875

CVE-2021-28875 affects the Rust standard library prior to 1.50.0. In read_to_end(), the return value from Read is not validated in an unsafe context, which can lead to a buffer overflow. Several connected sources corroborate this bug and note the fix involves upgrading Rust to a newer release. Th...

CVE-2021-28875

In the standard library in Rust before 1.50.0, readtoend does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow...

CVE-2021-28876

In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls iteratorgetunchecked more than once for the same index when the underlying iterator panics in certain conditions. This bug could lead to a memory safety violation due to an unmet safety...

CVE-2021-28878

In the standard library in Rust before 1.52.0, the Zip implementation calls iteratorgetunchecked more than once for the same index under certain conditions when nextback and next are used together. This bug could lead to a memory safety violation due to an unmet safety requirement for the...

Mozilla Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in the Rust standard library prior to version 1.52.0, which stems from an unmet security requirement for the TrustedRandomAccess feature, an error that could result in a...

Mozilla Rust 输入验证错误漏洞

Rust is a systems programming language characterized by fast operation, the ability to prevent segmentation errors, and thread-safety. An integer overflow vulnerability exists in the Zip implementation of the standard library in versions of Rust prior to 1.52.0. An attacker can exploit this...

CVE-2021-28879

In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again...

Mozilla Rust 缓冲区错误漏洞

Rust is a systems programming language characterized by fast operation, the ability to prevent segmentation errors, and thread-safety. A buffer overflow vulnerability exists in the standard stock in versions of Rust prior to 1.50.0. The vulnerability stems from readtoend not validating the return...

Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in the Rust standard library prior to version 1.52.0 that stems from an unmet security requirement for the TrustedRandomAccess feature, an error that could result in a memory...

CVE-2021-28879

CVE-2021-28879 affects the Rust standard library prior to 1.52.0, specifically the Zip implementation. The bug permits reporting an incorrect size due to an integer overflow, which can cause a buffer overflow when a consumed Zip iterator is used again. The issue is documented across multiple conn...

CVE-2021-28878

CVE-2021-28878 affects the Rust standard library before 1.52.0. The Zip implementation can call __iterator_get_unchecked() more than once for the same index when next_back() and next() are used together, creating a memory-safety vulnerability related to TrustedRandomAccess. Affected releases incl...

CVE-2021-28876

The CVE-2021-28876 issue affects the Rust standard library’s Zip implementation up to Rust 1.51.x, where __iterator_get_unchecked() can be invoked more than once for the same index if the underlying iterator panics. This creates a memory-safety violation risk related to TrustedRandomAccess. Impac...

CVE-2021-28876

In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls iteratorgetunchecked more than once for the same index when the underlying iterator panics in certain conditions. This bug could lead to a memory safety violation due to an unmet safety...

CVE-2021-28879

In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again...