2519 matches found
Race condition in Parc
In the affected versions of this crate, LockWeak unconditionally implemented Send with no trait bounds on T. LockWeak doesn't own T and only provides &T. This allows concurrent access to a non-Sync T, which can cause undefined behavior like data races...
Data races in multiqueue
Affected versions of multiqueue unconditionally implemented Send for types used in queue implementations InnerSend, InnerRecv, FutInnerSend, FutInnerRecv. This allows users to send non-Send types to other threads, which can lead to data race bugs or other undefined behavior...
Data races in async-coap
An issue was discovered in the async-coap crate through 2020-12-08 for Rust. Affected versions of this crate implement Send/Sync for ArcGuard with no trait bounds on RC. This allows users to send RC: !Send to other threads and also allows users to concurrently access Rc: !Sync from multiple...
GHSA-R626-FC64-3Q28 Data race in abox
Affected versions of this crate implements Send/Sync for AtomicBox without requiring T: Send/T: Sync. This allows to create data races to T: !Sync and send T: !Send to another thread. Such behavior breaks the compile-time thread safety guarantees of Rust, and allows users to incur undefined...
Data races in libsbc
Affected versions of this crate implements Send for Decoder for any R: Read. This allows Decoder to contain R: !Send and carry move it to another thread. This can result in undefined behavior such as memory corruption from data race on R, or dropping R = MutexGuard from a thread that didn't lock...
GHSA-F6G6-54HM-FHXV Data races in libsbc
Affected versions of this crate implements Send for Decoder for any R: Read. This allows Decoder to contain R: !Send and carry move it to another thread. This can result in undefined behavior such as memory corruption from data race on R, or dropping R = MutexGuard from a thread that didn't lock...
GHSA-77M6-X95J-75R5 Data races in ticketed_lock
Affected versions of this crate unconditionally implemented Send for ReadTicket & WriteTicket. This allows to send non-Send T to other threads. This can allows creating data races by cloning types with internal mutability and sending them to other threads as T of ReadTicket/WriteTicket. Such data...
Data races in multiqueue
Affected versions of this crate unconditionally implemented Send for types used in queue implementations InnerSend, InnerRecv, FutInnerSend, FutInnerRecv. This allows users to send non-Send types to other threads, which can lead to data race bugs or other undefined behavior...
Data races in lever
An issue was discovered in the lever crate before 0.1.1 for Rust. AtomicBox implements the Send and Sync traits for all types T. This allows non-Send types such as Rc and non-Sync types such as Cell to be used across thread boundaries which can trigger undefined behavior and memory corruption...
GHSA-9PP4-8P8V-G78W Data races in lever
An issue was discovered in the lever crate before 0.1.1 for Rust. AtomicBox implements the Send and Sync traits for all types T. This allows non-Send types such as Rc and non-Sync types such as Cell to be used across thread boundaries which can trigger undefined behavior and memory corruption...
GHSA-GVVV-W559-2HG6 Data races in scottqueue
An issue was discovered in the scottqueue crate through 2020-11-15 for Rust. There are unconditional implementations of Send and Sync for Queue. This allows 1 creating data races to a T: !Sync and 2 sending T: !Send to other threads, resulting in memory corruption or other undefined behavior...
Data races in scottqueue
An issue was discovered in the scottqueue crate through 2020-11-15 for Rust. There are unconditional implementations of Send and Sync for Queue. This allows 1 creating data races to a T: !Sync and 2 sending T: !Send to other threads, resulting in memory corruption or other undefined behavior...
Data race in v9
Affected versions of this crate unconditionally implement Sync for SyncRef. This definition allows data races if &T is accessible through &SyncRef. SyncRef derives Clone and Debug, and the default implementations of those traits access &T by invoking T::clone & T::fmt. It is possible to create da...
GHSA-3837-87VH-XQ3W Data race in v9
Affected versions of this crate unconditionally implement Sync for SyncRef. This definition allows data races if &T is accessible through &SyncRef. SyncRef derives Clone and Debug, and the default implementations of those traits access &T by invoking T::clone & T::fmt. It is possible to create da...
GHSA-MMC9-PWM7-QJ5W Unaligned memory access in rand_core
Impact Affected versions of this crate violated alignment when casting byte slices to integer slices, resulting in undefined behavior. randcore::BlockRng::nextu64 and randcore::BlockRng::fillbytes are affected. Patches The flaw was corrected by Ralf Jung and Diggory Hardy for randcore = 0.4.2...
Data races in model
Shared data structure in model crate implements Send and Sync traits regardless of the inner type. This allows safe Rust code to trigger a data race, which is undefined behavior in Rust. Users are advised to treat Shared as an unsafe type. It should not be used outside of the testing context, and...
GHSA-MXV6-Q98X-H958 Data races in model
Shared data structure in model crate implements Send and Sync traits regardless of the inner type. This allows safe Rust code to trigger a data race, which is undefined behavior in Rust. Users are advised to treat Shared as an unsafe type. It should not be used outside of the testing context, and...
GHSA-9F5R-VQM5-M342 Use of Uninitialized Resource in ms3d
Affected versions of this crate passes an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer memory exposure and also can return incorrect number of bytes written to the buffer. Reading from uninitialized memory...
Uninitialized buffer use in marc
Affected versions of this crate passes an uninitialized buffer to a user-provided Read implementation. Record::read. Arbitrary Read implementations can read from the uninitialized buffer memory exposure and also can return incorrect number of bytes written to the buffer. Reading from uninitialize...
GHSA-3MF3-2GV9-H39J Uninitialized buffer use in marc
Affected versions of this crate passes an uninitialized buffer to a user-provided Read implementation. Record::read. Arbitrary Read implementations can read from the uninitialized buffer memory exposure and also can return incorrect number of bytes written to the buffer. Reading from uninitialize...