RUSTSEC-2021-0122 Generated code can read and write out of bounds in safe code

Code generated by flatbuffers' compiler is unsafe but not marked as such. See https://github.com/google/flatbuffers/issues/6627 for details. For example, if generated code is used to decode malformed or untrusted input, undefined behavior and thus security vulnerabilities is possible even without...

CLSA-2021-1635459194 Fix CVE(s): CVE-2021-20313, CVE-2021-20312, CVE-2021-20311, CVE-2020-27766, CVE-2021-20176, CVE-2021-, CVE-2021-20309, CVE-2021-20241, CVE-2021-20243, CVE-2021-20244, CVE-2021-20246

SECURITY UPDATE: undefined behavior - debian/patches/CVE-2020-27766.patch: fix undefined behavior in the form of values outside the range of 'unsigned long' type. - CVE-2020-27766 SECURITY UPDATE: division by zero - debian/patches/CVE-2021-.patch: fix potential division by zero in many places. -...

Incorrect use of `set_len` allows for un-initialized memory

Affected versions of this crate passes an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer memory exposure and also can return incorrect number of bytes written to the buffer. Reading from uninitialized memory...

RUSTSEC-2021-0138 Incorrect use of `set_len` allows for un-initialized memory

Affected versions of this crate passes an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer memory exposure and also can return incorrect number of bytes written to the buffer. Reading from uninitialized memory...

RUSTSEC-2021-0121 Non-aligned u32 read in Chacha20 encryption and decryption

The implementation does not enforce alignment requirements on input slices while incorrectly assuming 4-byte alignment through an unsafe call to std::slice::fromrawpartsmut, which breaks the contract and introduces undefined behavior. This affects Chacha20 encryption and decryption in crypto2...

Non-aligned u32 read in Chacha20 encryption and decryption

The implementation does not enforce alignment requirements on input slices while incorrectly assuming 4-byte alignment through an unsafe call to std::slice::fromrawpartsmut, which breaks the contract and introduces undefined behavior. This affects Chacha20 encryption and decryption in crypto2...

PT-2021-24283 · Crypto2 · Crypto2

Name of the Vulnerable Software and Affected Versions: crypto2 crate through 2021-10-08 for Rust Description: An issue was discovered in the crypto2 crate that affects Chacha20 encryption and decryption. The implementation does not enforce alignment requirements on input slices, incorrectly...

Aliased mutable references from `tls_rand` & `TlsWyRand`

TlsWyRand's implementation of Deref unconditionally dereferences a raw pointer, and returns multiple mutable references to the same object, which is undefined behavior...

Mozilla Rust Memory Corruption Vulnerability (CNVD-2021-78745)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Mozilla Rust suffers from a memory corruption vulnerability that can be exploited by attackers to cause undefined behavior, such as data contention...

Mozilla Rust Command Injection Vulnerability (CNVD-2021-85286)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A command injection vulnerability exists in Mozilla Rust's schets multiqueue, which can be exploited by attackers to cause data contention errors or other undefined behavior...

Mozilla Rust Command Injection Vulnerability (CNVD-2021-78744)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Mozilla Rust is vulnerable to a command injection vulnerability that could be exploited by attackers to trigger undefined behavior and memory corruption...

Mozilla Rust Command Injection Vulnerability (CNVD-2021-78750)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation.Mozilla Rust versions prior to 0.3.4 are vulnerable to command injection, which stems from the kekbit crate in Rust, for ShmWriter , Send is implemented without H: Send, and an attacker could exploit this...

Missing check for duplicate token in addToken

Handle 0xRajeev Vulnerability details Impact addToken does not check for token being added a duplicate of what was already added. If a duplicate token is added, removeToken only removes the first matching token and the later duplicates still remain. With the vaulttoken deleted, this may lead to...

EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2021-2334)

According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage of...

GHSA-PFJQ-935C-4895 Data races in v9

Affected versions of this crate unconditionally implement Sync for SyncRef. This definition allows data races if &T is accessible through &SyncRef. SyncRef derives Clone and Debug, and the default implementations of those traits access &T by invoking T::clone & T::fmt. It is possible to create da...

Data races in v9

Affected versions of this crate unconditionally implement Sync for SyncRef. This definition allows data races if &T is accessible through &SyncRef. SyncRef derives Clone and Debug, and the default implementations of those traits access &T by invoking T::clone & T::fmt. It is possible to create da...

GHSA-GQ4H-F254-7CW9 Duplicate Advisory: Data races in ticketed_lock

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-77m6-x95j-75r5. This link is maintained to preserve external references. Original Description Affected versions of this crate unconditionally implemented Send for ReadTicket & WriteTicket. This allows to send...

GHSA-8892-84WF-CG8F SyncChannel<T> can move 'T: !Send' to other threads

Affected versions of this crate unconditionally implement Send/Sync for SyncChannel. SyncChannel doesn't provide access to &T but merely serves as a channel that consumes and returns owned T. Users can create UB in safe Rust by sending T: !Send to other threads with SyncChannel::send/recv APIs...

Queue<T> should have a Send bound on its Send/Sync traits

Affected versions of this crate unconditionally implements Send/Sync for Queue. This allows 1 creating data races to a T: !Sync and 2 sending T: !Send to other threads, resulting in memory corruption or other undefined behavior...

GHSA-V42F-J8FX-99F3 Queue<T> should have a Send bound on its Send/Sync traits

Affected versions of this crate unconditionally implements Send/Sync for Queue. This allows 1 creating data races to a T: !Sync and 2 sending T: !Send to other threads, resulting in memory corruption or other undefined behavior...