2 matches found
CVE-2020-35874
CVE-2020-35874 relates to the Rust internment crate; ArcIntern::drop has a race that can lead to use-after-free. Affected: internment up to versions before 0.3.12. Impact: potential memory safety issue. Mitigation: upgrade to 0.3.12 or later, as the fix serializes access during deallocation. Othe...
CVE-2021-28037
The CVE-2021-28037 issue affects the Rust internment crate prior to 0.4.2. It arises from an unconditional impl of Sync for Intern, enabling a data race that can cause memory corruption. Documented impacts are memory contention and potential corruption. The vulnerability is mitigated by upgrading...