Lucene search
K

4 matches found

NVD
NVD
added 2026/06/12 4:16 p.m.13 views

CVE-2026-46690

unboundedspsc is an "unbounded" extension of boundedspscqueue. In versions 0.2.0 and prior, sender::send pointer-as-value transmute causes OOB read and fake-Arc drop under TX/RX race. At time of publication, there are no publicly available patches...

5.8CVSS0.0013EPSS
Exploits1References1
CVE
CVE
added 2026/06/12 2:56 p.m.15 views

CVE-2026-46690

Summary: CVE-2026-46690 affects the unbounded-spsc crate (0.2.0 and earlier). The vulnerability originates from an unsafe TRANSMUTE in Sender::send (DISCONNECTED branch) that reinterprets a raw pointer to a Producer as a Consumer, creating a fake Arc and enabling out-of-bounds access. This race w...

5.8CVSS5.2AI score0.0013EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/05/29 7:5 p.m.6 views

GHSA-6M57-8R3P-PQX6 unbounded-spsc: Sender::send pointer-as-value transmute causes OOB read and fake-Arc drop under TX/RX race

Summary Sender::send in src/lib.rs contains an unsafe block in the DISCONNECTED arm that transmutes a raw pointer mut Producer into the bytes of a value-level Consumer. The author's intent, visible in the surrounding comment at lines 386-390, was a value transmute. The shipped code is one level o...

5.8CVSS5.8AI score0.0013EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/05/29 7:5 p.m.13 views

unbounded-spsc: Sender::send pointer-as-value transmute causes OOB read and fake-Arc drop under TX/RX race

Summary Sender::send in src/lib.rs contains an unsafe block in the DISCONNECTED arm that transmutes a raw pointer mut Producer into the bytes of a value-level Consumer. The author's intent, visible in the surrounding comment at lines 386-390, was a value transmute. The shipped code is one level o...

5.8CVSS5.8AI score0.0013EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder