Lucene search
K

33 matches found

OSV
OSV
added 2024/08/26 7:15 p.m.3 views

UBUNTU-CVE-2024-43806

Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and...

6.5CVSS5.7AI score0.0048EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/08/26 6:43 p.m.25 views

CVE-2024-43806 `rustix::fs::Dir` iterator with the `linux_raw` backend can cause memory explosion

Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and...

6.5CVSS6.4AI score0.0048EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/26 6:43 p.m.18 views

CVE-2024-43806 `rustix::fs::Dir` iterator with the `linux_raw` backend can cause memory explosion

Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and...

6.5CVSS0.0048EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/08/26 6:43 p.m.10 views

CVE-2024-43806

Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and...

6.5CVSS5.4AI score0.0048EPSS
Exploits0
CVE
CVE
added 2024/08/26 6:43 p.m.310 views

CVE-2024-43806

CVE-2024-43806 affects Rustix: safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir with the linux_raw backend, the Dir iterator can get stuck on an IO error, and a memory over-allocation in rustix::fs::Dir::read_more can trigger rapid, unbounded memory growth on hot paths, potentiall...

6.5CVSS6.4AI score0.0048EPSS
Exploits0References2
OSV
OSV
added 2024/08/26 6:43 p.m.15 views

CVE-2024-43806 `rustix::fs::Dir` iterator with the `linux_raw` backend can cause memory explosion

Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and...

6.5CVSS6.3AI score0.0048EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/08/26 12:0 a.m.4 views

rustix 安全漏洞

rustix is a secure Rust binding to a POSIX-style API open-sourced by the Bytecode Alliance. A security vulnerability exists in rustix that stems from memory over-allocation, which could lead to a rapid and unlimited memory explosion...

6.5CVSS6.3AI score0.0048EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/29 12:41 p.m.18 views

Security Bulletin: rustix-0.37.20.crate, rustix-0.38.14.crate and rustix-0.38.2.crate is vulnerable to WS-2023-0366 used in IBM Maximo Application Suite - Edge Data Collector

Summary IBM Maximo Application Suite - Edge Data Collector uses rustix-0.37.20.crate, rustix-0.38.14.crate and rustix-0.38.2.crate which is vulnerable to WS-2023-0366 Vulnerability Details IBM X-Force ID: 269579 DESCRIPTION: Bytecode Alliance rustix is vulnerable to a denial of service, caused by...

7AI score
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2023/10/18 6:27 p.m.4 views

GuiNistRs (=0.1.0), a-gpt (>=0.1.0 <=0.4.0) +6489 more potentially affected by CVE-2024-43806 via rustix (=0.38.10)

rustix CARGO version =0.38.10 is affected by a known vulnerability. The following packages have a transitive dependency on rustix and may be impacted: - GuiNistRs =0.1.0 - a-gpt =0.1.0, =0.7.0, =0.1.0, =0.0.1, =0.0.1, =0.3.1, =0.2.4, =0.1.0, =0.3.0 - abstractsocket =0.1.0 - abstrap =0.1.0 and mor...

6.5CVSS5.7AI score0.0048EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/10/18 6:27 p.m.4 views

agora (=0.1.0), ashpd (>=0.2.0-alpha <=0.2.0-alpha-3) +29 more potentially affected by CVE-2024-43806 via rustix (=0.37.13)

rustix CARGO version =0.37.13 is affected by a known vulnerability. The following packages have a transitive dependency on rustix and may be impacted: - agora =0.1.0 - ashpd =0.2.0-alpha, =0.2.0, =1.0.2, =0.6.0, =0.4.0, =0.2.0, =0.2.0-beta.4, =0.25.0, =0.4.8, =0.6.2 and more Source cves:...

6.5CVSS5.8AI score0.0048EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2023/10/18 6:27 p.m.28 views

rustix's `rustix::fs::Dir` iterator with the `linux_raw` backend can cause memory explosion

Summary When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and unbounded memory explosion gigabytes in a few seconds i...

6.5CVSS6.7AI score0.0048EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2023/10/18 6:27 p.m.16 views

GHSA-C827-HFW6-QWVM rustix's `rustix::fs::Dir` iterator with the `linux_raw` backend can cause memory explosion

Summary When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and unbounded memory explosion gigabytes in a few seconds i...

6.5CVSS6.4AI score0.0048EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2023/10/18 12:0 a.m.5 views

PT-2023-32952 · Trustix +2 · Rustix +2

Name of the Vulnerable Software and Affected Versions: Rustix versions prior to 0.35.15 Rustix versions prior to 0.36.16 Rustix versions prior to 0.37.25 Rustix versions prior to 0.38.19 Description: The issue arises when using rustix::fs::Dir with the linux raw backend, where the iterator can ge...

6.5CVSS6.7AI score0.0048EPSS
Exploits0References37
Rows per page
Query Builder