OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-23 15:38:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add rustsec advisory for GHSA-mm4m-qg48-f7wc (#1018)

Browse Source 
* Add rustsec advisory for GHSA-mm4m-qg48-f7wc

* Add GHSA to aliases

Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
This commit is contained in:
Jon Moroney
2021-09-10 08:48:48 -07:00
committed by GitHub
parent 181cf280e9
commit f969fe8995
1 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
crates/vm-memory/RUSTSEC-0000-0000.md Normal file
View File

@@ -0,0 +1,16 @@
```toml
[advisory]
id = "RUSTSEC-0000-0000"
package = "vm-memory"
date = "2020-06-02"
url = "https://nvd.nist.gov/vuln/detail/CVE-2020-13759"
categories = ["memory-corruption"]
cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
aliases = ["CVE-2020-13759", "GHSA-mm4m-qg48-f7wc"]
[versions]
patched = [">= 0.2.1", "^0.1.1"]
```
# Improper Synchronization and Race Condition in vm-memory
rust-vmm vm-memory before 0.1.1 and 0.2.x before 0.2.1 allows attackers to cause a denial of service (loss of IP networking) because read_obj and write_obj do not properly access memory. This affects aarch64 (with musl or glibc) and x86_64 (with musl).