CVE-2020-35915

CVE-2020-35915 affects the Rust futures-intrusive crate prior to 0.4.0. The issue is that GenericMutexGuard can allow cross-thread data races on non-Sync types due to how the guard tracks access to the locked data, potentially enabling unsafe concurrent access. The vulnerability is documented by ...

CVE-2020-35928

Concread crate (Rust) before 0.2.6 exposes a data race in ARCache when non-Send/Sync types are used. Root cause: ARCache implementation unbound by Send/Sync, allowing unsafe concurrent access. The issue was fixed in 0.2.6 by adding K: Send + Sync and V: Send + Sync bounds to the affected Send/Syn...

Rust 竞争条件问题漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A Competition Condition Issue vulnerability exists in Rust concread crate versions prior to 0.2.6, which can be exploited by an attacker to cause data contention in ARCache by sending a type that does not...

RUSTSEC-2020-0101 conquer-once's OnceCell lacks Send bound for its Sync trait.

Affected versions of conquer-once implements Sync for its OnceCell type without restricting it to Sendable types. This allows non-Send but Sync types such as MutexGuard to be sent across threads leading to undefined behavior and memory corruption in concurrent programs. The issue was fixed by...

conquer-once's OnceCell lacks Send bound for its Sync trait.

Affected versions of conquer-once implements Sync for its OnceCell type without restricting it to Sendable types. This allows non-Send but Sync types such as MutexGuard to be sent across threads leading to undefined behavior and memory corruption in concurrent programs. The issue was fixed by...

RUSTSEC-2020-0152 ImmediateIO and TransactionalIO can cause data races

The ImmediateIO and TransactionalIO types implement Sync for all contained Expander types regardless of if the Expander itself is safe to use across threads. As the IO types allow retrieving the Expander, this can lead to non-thread safe types being sent across threads as part of the Expander...

RUSTSEC-2020-0127 SyncRef's clone() and debug() allow data races

Affected versions of this crate unconditionally implement Sync for SyncRef. This definition allows data races if &T is accessible through &SyncRef. SyncRef derives Clone and Debug, and the default implementations of those traits access &T by invoking T::clone & T::fmt. It is possible to create da...

SyncRef's clone() and debug() allow data races

Affected versions of this crate unconditionally implement Sync for SyncRef. This definition allows data races if &T is accessible through &SyncRef. SyncRef derives Clone and Debug, and the default implementations of those traits access &T by invoking T::clone & T::fmt. It is possible to create da...

ButtplugFutureStateShared allows data race to (!Send|!Sync) objects

ButtplugFutureStateShared implements Send & Sync regardless of T. If T: !Send for ButtplugFutureStateShared, it is possible to move non-Send types across thread boundaries e.g. T=Rc and lead to undefined behavior. If T: !Sync for ButtplugFutureStateShared, it is possible to cause data race to T...

Azure File Sync Agent v11.1 Release – November 2020 (KB4539951)

Update for Azure File Sync agent version 11.1.0.0. For more details, see the associated Microsoft Knowledge Base article...

Azure File Sync Agent v11.1 Release – November 2020 (KB4539951)

Update for Azure File Sync agent version 11.1.0.0. For more details, see the associated Microsoft Knowledge Base article...

Azure File Sync Agent v11.1 Release – November 2020 (KB4539951)

Update for Azure File Sync agent version 11.1.0.0. For more details, see the associated Microsoft Knowledge Base article...

RingBuffer can create multiple mutable references and cause data races

The RingBuffer type retrieves mutable references from the DataProvider in a non-atomic manner, potentially allowing the creation of multiple mutable references. RingBuffer also implements the Send and Sync traits for all types T. This allows undefined behavior from the aliased mutable references ...

RUSTSEC-2020-0150 RingBuffer can create multiple mutable references and cause data races

The RingBuffer type retrieves mutable references from the DataProvider in a non-atomic manner, potentially allowing the creation of multiple mutable references. RingBuffer also implements the Send and Sync traits for all types T. This allows undefined behavior from the aliased mutable references ...

Azure File Sync Agent v11.1 Release – November 2020

Azure File Sync Agent v11.1 Release – November 2020 Introduction This article describes the improvements and issues that are fixed in the Azure File Sync Agent v11.1 release that is dated November 2020. Additionally, this article contains installation instructions for the update. Improvements and...

Fedora: Security Advisory for rclone (FEDORA-2020-3b0bb05117)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE-SU-2020:3781-1 Security update for SUSE Manager Server 4.1

This update fixes the following issues: image-sync-formula: - Send imagesynced event to master postgresql-jdbc: - Address CVE-2020-13692 bsc1172079 pxe-yomi-image-sle15: - Update config.sh based on last JeOS template - Update JEOSLOCALE to enUS.UTF-8 - Support configurlname for user provided...

RUSTSEC-2020-0148 Multiple soundness issues in `Ptr`

Affected versions of this crate have the following issues: 1. Ptr implements Send and Sync for all types, this can lead to data races by sending non-thread safe types across threads. 2. Ptr::get violates mutable alias rules by returning multiple mutable references to the same object. 3. Ptr::writ...

RUSTSEC-2020-0099 Aovec<T> lacks bound on its Send and Sync traits allowing data races

aovec::Aovec is a vector type that implements Send and Sync for all types T. This allows non-Send types such as Rc and non-Sync types such as Cell to be used across thread boundaries which can trigger undefined behavior and memory corruption...

Multiple soundness issues in `Ptr`

Affected versions of this crate have the following issues: 1. Ptr implements Send and Sync for all types, this can lead to data races by sending non-thread safe types across threads. 2. Ptr::get violates mutable alias rules by returning multiple mutable references to the same object. 3. Ptr::writ...