Double free

An issue was discovered in the scratchpad crate before 1.3.1 for Rust. The moveelements function can have a double-free upon a panic in a user-provided f function...

Double free

An issue was discovered in the stackdst crate before 0.6.1 for Rust. Because of the pushinner behavior, a double free can occur upon a val.clone panic...

Double free

An issue was discovered in the toodee crate before 0.3.0 for Rust. Row insertion can cause a double free upon an iterator panic...

CVE-2021-28028

An issue was discovered in the toodee crate before 0.3.0 for Rust. Row insertion can cause a double free upon an iterator panic...

CVE-2021-28028

The CVE-2021-28028 issue affects the Rust crate toodee prior to 0.3.0. The vulnerability arises during row insertion where an iterator panic can lead to a double free . Multiple connected sources (Red Hat CVE, OSVGHSA entries, CNVD, NVD, and CNVD) corroborate the description: a panic during itera...

CVE-2021-28031

An issue was discovered in the scratchpad crate before 1.3.1 for Rust. The moveelements function can have a double-free upon a panic in a user-provided f function...

CVE-2021-28034

The CVE-2021-28034 issue affects the Rust stack_dst crate prior to 0.6.1. The root cause is in push_inner, which increases the internal array length and then calls val.clone(); if val.clone() panics, a double free/memory-safety issue can occur. Several connected advisories (Red Hat, OSV, GHSA, CN...

CVE-2021-28035

CVE-2021-28035 affects the Rust crate stack_dst, prior to 0.6.1. The root cause is the push_inner behavior, which can cause a drop of uninitialized memory if a val.clone() panics. The issue has been fixed in a later commit (and by upgrading to 0.6.1+). If exploited, this can lead to memory safety...

CVE-2021-28033

The CVE-2021-28033 issue concerns the byte_struct crate for Rust pre-0.6.1, where deserializing via a certain method could cause a drop of uninitialized memory when panicking. Affected component: byte_struct (Rust) before 0.6.1. Impact described as potential memory safety failure during deseriali...

CVE-2021-28033

An issue was discovered in the bytestruct crate before 0.6.1 for Rust. There can be a drop of uninitialized memory if a certain deserialization method panics...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in stackdst crate before 0.6.1 for Rust, where uninitialized memory is lost during a val.clone panic. No details of the vulnerability are provided at this time...

CVE-2021-25345

Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format...

CVE-2021-25345

Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format...

Format string

Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format...

CVE-2021-25345

Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format...

CVE-2021-25345

CVE-2021-25345 concerns Samsung hwcomposer. Descriptions across sources identify a graphics format mismatch when hwcomposer converts video formats, occurring prior to SMR Mar-2021 Release 1, which results in a kernel panic due to an unsupported format. The vulnerability is tied to the hwcomposer ...

golang: math/big: panic during recursive division of very large numbers

A flaw was found in the math/big package of Go's standard library that causes a denial of service. Applications written in Go that use math/big via cryptographic packages, including crypto/rsa and crypto/x509, are vulnerable and can potentially cause panic via a crafted certificate chain. The...

Deserializing an array can drop uninitialized memory on panic

The readbytesdefaultle function for T; n arrays, used to deserialize arrays of T from bytes created a T; n array with std::mem::uninitialized and then called T's deserialization method. If T's deserialization method panicked, the uninitialized memory could drop invalid objects. This flaw was...

RUSTSEC-2021-0032 Deserializing an array can drop uninitialized memory on panic

The readbytesdefaultle function for T; n arrays, used to deserialize arrays of T from bytes created a T; n array with std::mem::uninitialized and then called T's deserialization method. If T's deserialization method panicked, the uninitialized memory could drop invalid objects. This flaw was...

Denial Of Service (DoS)

linux is vulnerable to denial of service DoS. The vulnerability exists through a system panic on 5.4 release since commit d18d22ce8f62839365c984b1df474d3975ed4eb2...