mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-30 08:13:58 +01:00

Files

github-actions[bot] 146de2d8c7 Assigned RUSTSEC-2018-0021 to libpulse-binding (#447 )

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

2020-10-25 12:21:56 -07:00

843 B

Raw Blame History

[advisory]
id = "RUSTSEC-2018-0021"
package = "libpulse-binding"
date = "2018-06-15"
url = "https://github.com/jnqnfe/pulse-binding-rust/security/advisories/GHSA-ghpq-vjxw-ch5w"
categories = ["memory-corruption"]

[versions]
patched = [">= 1.2.1"]

[affected.functions]
"libpulse_binding::stream::Stream::get_format_info" = ["< 1.2.1"]
"libpulse_binding::stream::Stream::get_context" = ["< 1.2.1"]

Use-after-free with objects returned by `Stream`'s `get_format_info` and `get_context` methods

Affected versions contained a pair of use-after-free issues with the objects returned by the get_format_info and get_context methods of Stream objects. These objects were mistakenly being constructed without setting an important flag to prevent destruction of the underlying C objects they reference upon their own destruction.

843 B Raw Blame History

Use-after-free with objects returned by Stream's get_format_info and get_context methods

843 B

Raw Blame History

Use-after-free with objects returned by `Stream`'s `get_format_info` and `get_context` methods