OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-21 19:08:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

added UAF within portaudio-rs

Browse Source
This commit is contained in:
phosphorus
2019-09-16 00:12:52 +08:00
committed by GitHub
parent 340b740569
commit 67b08c24a4
1 changed files with 29 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
crates/portaudio-rs/RUSTSEC-0000-0000.toml Normal file
View File

@@ -0,0 +1,29 @@
[advisory]
id = "RUSTSEC-0000-0000"
package = "portaudio-rs"
date = "2017-9-14"
# Single-line description of a vulnerability (mandatory)
title = "Stream callback function is not unwind safe"
# Enter a short-form description of the vulnerability here (mandatory)
description = """
Affected versions of this crate is not panic safe within callback functions `stream_callback` and `stream_finished_callback`.
The call to user-provided closure might panic before a `mem::forget` call, which then causes a use after free that grants attacker to control the callback function pointer.
This allows an attacker to construct an arbitrary code execution .
The flaw was reported by Phosphorus15.
"""
# yet not patched
patched_versions = ["> 0.3.1"]
url = "https://github.com/mvdnes/portaudio-rs/issues/20"
categories = ["code-execution", "memory-corruption"]
keywords = ["audio", "ffi"]