33 matches found
UBUNTU-CVE-2024-43806
Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and...
CVE-2024-43806 `rustix::fs::Dir` iterator with the `linux_raw` backend can cause memory explosion
Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and...
CVE-2024-43806 `rustix::fs::Dir` iterator with the `linux_raw` backend can cause memory explosion
Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and...
CVE-2024-43806
Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and...
CVE-2024-43806
CVE-2024-43806 affects Rustix: safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir with the linux_raw backend, the Dir iterator can get stuck on an IO error, and a memory over-allocation in rustix::fs::Dir::read_more can trigger rapid, unbounded memory growth on hot paths, potentiall...
CVE-2024-43806 `rustix::fs::Dir` iterator with the `linux_raw` backend can cause memory explosion
Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and...
rustix 安全漏洞
rustix is a secure Rust binding to a POSIX-style API open-sourced by the Bytecode Alliance. A security vulnerability exists in rustix that stems from memory over-allocation, which could lead to a rapid and unlimited memory explosion...
Security Bulletin: rustix-0.37.20.crate, rustix-0.38.14.crate and rustix-0.38.2.crate is vulnerable to WS-2023-0366 used in IBM Maximo Application Suite - Edge Data Collector
Summary IBM Maximo Application Suite - Edge Data Collector uses rustix-0.37.20.crate, rustix-0.38.14.crate and rustix-0.38.2.crate which is vulnerable to WS-2023-0366 Vulnerability Details IBM X-Force ID: 269579 DESCRIPTION: Bytecode Alliance rustix is vulnerable to a denial of service, caused by...
GuiNistRs (=0.1.0), a-gpt (>=0.1.0 <=0.4.0) +6489 more potentially affected by CVE-2024-43806 via rustix (=0.38.10)
rustix CARGO version =0.38.10 is affected by a known vulnerability. The following packages have a transitive dependency on rustix and may be impacted: - GuiNistRs =0.1.0 - a-gpt =0.1.0, =0.7.0, =0.1.0, =0.0.1, =0.0.1, =0.3.1, =0.2.4, =0.1.0, =0.3.0 - abstractsocket =0.1.0 - abstrap =0.1.0 and mor...
agora (=0.1.0), ashpd (>=0.2.0-alpha <=0.2.0-alpha-3) +29 more potentially affected by CVE-2024-43806 via rustix (=0.37.13)
rustix CARGO version =0.37.13 is affected by a known vulnerability. The following packages have a transitive dependency on rustix and may be impacted: - agora =0.1.0 - ashpd =0.2.0-alpha, =0.2.0, =1.0.2, =0.6.0, =0.4.0, =0.2.0, =0.2.0-beta.4, =0.25.0, =0.4.8, =0.6.2 and more Source cves:...
rustix's `rustix::fs::Dir` iterator with the `linux_raw` backend can cause memory explosion
Summary When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and unbounded memory explosion gigabytes in a few seconds i...
GHSA-C827-HFW6-QWVM rustix's `rustix::fs::Dir` iterator with the `linux_raw` backend can cause memory explosion
Summary When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and unbounded memory explosion gigabytes in a few seconds i...
PT-2023-32952 · Trustix +2 · Rustix +2
Name of the Vulnerable Software and Affected Versions: Rustix versions prior to 0.35.15 Rustix versions prior to 0.36.16 Rustix versions prior to 0.37.25 Rustix versions prior to 0.38.19 Description: The issue arises when using rustix::fs::Dir with the linux raw backend, where the iterator can ge...