Astra Linux – Vulnerability in RustC
In the standard library of Rust before 1.52.0, there was an optimization for joining strings that could cause uninitialized bytes to be exposed or the program to crash if the borrowed string changed after its length was checked...
Astra Linux - vulnerability in rustc
In the standard library of Rust before version 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements within sift_up or sift_down_range causes a panic. This bug results in a drop of zeroed memory as an arbitrary type, which c...
Astra Linux – Vulnerability in RustC
In the standard library of Rust before version 1.52.0, a double-free error can occur in the Vec::from_iter function if the process of freeing the element causes a panic...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: x86/Kconfig: make CFI_AUTO_DEFAULT dependent on !RUST or Rust >= 1.88. Calling core::fmt::write from Rust code while FineIBT is enabled results in a kernel panic: [ 4614.199779] Kernel BUG at arch/x86/kernel/cet.c:132! [ 4614.205343]...
Astra Linux - vulnerability in rustc
In the standard library in Rust before 1.19.0, there is a synchronization problem in the MutexGuard object. MutexGuards can be used across threads with any types, allowing for memory safety issues through race conditions...
[SECURITY] Fedora 42 Update: rust-sequoia-git-0.6.0-1.fc42
A tool for managing and enforcing a commit signing policy...
[SECURITY] Fedora 43 Update: rust-sequoia-git-0.6.0-1.fc43
A tool for managing and enforcing a commit signing policy...
RUSTSEC-2026-0132 Potential out-of-bounds write via public `Context` fields
The `Context` struct has all fields public (`pub dlen`, `pub digest`, etc.). Code from other modules within the same crate can directly modify `dlen` to a value exceeding the `digest` vector length. When `reset` is subsequently called, `self.digest[self.dlen as usize] = 0` becomes an out-of-bounds write. Withdrawa...
Invalid pointer arithmetic in `iter()` and `iter_mut()`
The `iter` and `iter_mut` APIs compute `current = (&children[0] as *const *const RawAutoChild).sub(1)`, which performs pointer subtraction going before the start of the allocation. This is undefined behavior per Rust's pointer arithmetic rules. This can be triggered through safe public APIs — `iter` and `iter_mut` —...
Null-pointer dereference and double-free via safe APIs
Two soundness violations exist in the Rust bindings for MetaCall: Null-pointer dereference: `MetaCallFuture::new_raw` accepts a raw pointer without validation. The `Debug` impl calls `Box::from_raw(self.data)` on it. Passing a null pointer causes the `Debug` impl to construct a `NonNull` from null, producing...
RUSTSEC-2026-0127 Integer overflow in `array::ReadWrite::new()` leading to potential memory corruption
In `array::ReadWrite::new` (line 83 of accessor/src/array.rs), `let bytes = mem::size_of::<T>() * len` can overflow `usize` when `len` is very large. In release mode, this silently wraps, potentially making `bytes = 0`. The mapper then maps with 0 bytes, and subsequent accesses (e.g. `read_volatile_at`) lead to undefined...
[SECURITY] Fedora 44 Update: rust-openssl-sys-0.9.114-1.fc44
FFI bindings to OpenSSL...
[SECURITY] Fedora 44 Update: rust-openssl-0.10.78-1.fc44
OpenSSL bindings...
[SECURITY] Fedora 42 Update: rust-openssl-sys-0.9.114-1.fc42
FFI bindings to OpenSSL...
[SECURITY] Fedora 42 Update: rust-openssl-0.10.78-1.fc42
OpenSSL bindings...
[SECURITY] Fedora 43 Update: rust-openssl-0.10.78-1.fc43
OpenSSL bindings...
[SECURITY] Fedora 43 Update: rust-openssl-sys-0.9.114-1.fc43
FFI bindings to OpenSSL...
Fedora 42 : rust-openssl / rust-openssl-sys (2026-76f57efeef)
The remote Fedora 42 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-76f57efeef advisory. Update the openssl crate to version 0.10.78 and the openssl-sys crate to version 0.9.114. Release notes: - openssl 0.10.77 / openssl-sys 0.9.113:...
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: rust-rpm-sequoia: rpm-sequoia-1.10.1.1-1.2.hum1 (aarch64, x86_64), rpm-sequoia-devel-1.10.1.1-1.2.hum1 (aarch64, x86_64), rust-rpm-sequoia-1.10.1.1-1.2.hum1.src (src). Security Fixes: rust-rpm-sequoia:...
[SECURITY] Fedora 44 Update: rust-rustls-webpki-0.103.13-1.fc44
Web PKI X.509 Certificate Verification...