Several memory corruption issues via safe APIs

Several soundness violations exist in the Rust bindings for MetaCall, indicatively: MetaCallException::Clone: Clone is dangerous because it creates a second Rust object that still points to the same foreign MetaCall value, but does not actually own or keep that value alive. value is shallow copie...

GitPython: Unsafe option check validates multi_options before shlex.split transformation

Summary clone validates multioptions as the original list, then executes shlex.split" ".joinmultioptions. A string like "--branch main --config core.hooksPath=/x" passes validation starts with --branch, but after split becomes "--branch", "main", "--config", "core.hooksPath=/x". Git applies the...

PT-2020-16212

Name of the Vulnerable Software and Affected Versions sized-chunks crate versions through 0.6.2 Description An issue was discovered in the sized-chunks crate, where the array size is not checked when constructed with unit and pair in the Chunk implementation. Additionally, the array size is not...

linux kernel 2.6. x-Btrfs for creating unsafe clone file vulnerability-vulnerability warning-the black bar safety net

Affected version: Linux kernel 2.6. x Vulnerability description: The Linux Kernel is open sourceOSLinux the kernel. Linux Kernel Btrfs implementation in btrfsioctlclone to ioctl will be provided by the user, the source file descriptor is copied to the target file descriptor, but in the...