From 7c95e1b1a11a367a6b7f70f1fe2653acb9ca0000 Mon Sep 17 00:00:00 2001
From: Vladimir <32823131+0xdeafbeef@users.noreply.github.com>
Date: Thu, 1 Oct 2020 18:21:28 +0300
Subject: [PATCH] libpnet (#335)

Co-authored-by: 0xd34b33f <0xd34b33f@users.noreply.github.com>
---
 crates/pnet/RUSTSEC-0000-0000.toml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 crates/pnet/RUSTSEC-0000-0000.toml

diff --git a/crates/pnet/RUSTSEC-0000-0000.toml b/crates/pnet/RUSTSEC-0000-0000.toml
new file mode 100644
index 0000000..7528352
--- /dev/null
+++ b/crates/pnet/RUSTSEC-0000-0000.toml
@@ -0,0 +1,18 @@
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "pnet"
+date = "2019-06-11"
+title = "Compiler optimisation for next_with_timeout in pnet::transport::IcmpTransportChannelIterator flaws to SEGFAULT"
+url = "https://github.com/libpnet/libpnet/issues/449"
+categories = ["memory-corruption"]
+cvss = "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H"
+keywords = ["segfault"]
+description = """
+Affected versions of this crate were optimized out by compiler,
+which caused dereference of uninitialized file descriptor which caused segfault.
+"""
+[affected.functions]
+"pnet::transport::IcmpTransportChannelIterator" = ["< 0.26.0"]
+
+[versions]
+patched = [">= 0.26.0"] # no patch exists yet
\ No newline at end of file