From 61a2e157040781d479b5792e25299c56794ae749 Mon Sep 17 00:00:00 2001
From: Benjamin Kampmann
Date: Fri, 25 Sep 2020 12:14:34 +0200
Subject: [PATCH 1/2] adding ws-rs advisory

---
 crates/ws/RUSTSEC-0000-0000.toml | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 crates/ws/RUSTSEC-0000-0000.toml

diff --git a/crates/ws/RUSTSEC-0000-0000.toml b/crates/ws/RUSTSEC-0000-0000.toml
new file mode 100644
index 0000000..8bbca8b
--- /dev/null
+++ b/crates/ws/RUSTSEC-0000-0000.toml
@@ -0,0 +1,21 @@
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "ws"
+date = "2019-09-25"
+title = "Insufficient size checks in outgoing buffer in ws allows remote attacker to run the process out of memory"
+
+url = "https://github.com/housleyjk/ws-rs/issues/291"
+
+categories = ["denial-of-service"]
+keywords = ["websocket", "dos", "ddos","oom", "memory", "remotely"]
+
+description = """
+Affected versions of this crate did not properly check and cap the growth of the outgoing buffer.
+
+This allows a remote attacker to take down the process by growing the buffer of their (single) connection until the process runs out of memory it can allocate and is killed.
+
+The flaw was corrected in the [`parity-ws` fork](https://crates.io/crates/parity-ws) (>0.10.0) by [disconnecting a client when the buffer runs full](https://github.com/housleyjk/ws-rs/pull/328).
+"""
+
+[versions]
+patched = []

From 5a25462b610637f5b8cb29e7bd2c4703586bafc7 Mon Sep 17 00:00:00 2001
From: Benjamin Kampmann
Date: Fri, 25 Sep 2020 12:23:05 +0200
Subject: [PATCH 2/2] the year is 2020

---
 crates/ws/RUSTSEC-0000-0000.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crates/ws/RUSTSEC-0000-0000.toml b/crates/ws/RUSTSEC-0000-0000.toml
index 8bbca8b..7e89d00 100644
--- a/crates/ws/RUSTSEC-0000-0000.toml
+++ b/crates/ws/RUSTSEC-0000-0000.toml
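Review bot: `patched = []` under `[versions]` with no `unaffected` entry flags every release of `ws`, which is the right call given the description says the fix landed only in the `parity-ws` fork, but the description should state that outcome explicitly so readers do not wait for a `ws` release that will not come; I would append a final paragraph to the description reading `No fixed release of the ws crate itself exists; users should migrate to parity-ws (>0.10.0).` A smaller point in the same hunk: the `keywords` array is missing a space after `"ddos",`, and `"ddos"` and `"remotely"` add little over `"dos"`, so `keywords = ["websocket", "dos", "oom", "memory"]` reads cleaner and matches the spacing used in `categories`.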
@@ -1,7 +1,7 @@
 [advisory]
 id = "RUSTSEC-0000-0000"
 package = "ws"
-date = "2019-09-25"
+date = "2020-09-25"
 title = "Insufficient size checks in outgoing buffer in ws allows remote attacker to run the process out of memory"
 
 url = "https://github.com/housleyjk/ws-rs/issues/291"