OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-15 22:04:38 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
0f4e16f7cd4339870985903cde44ea45ffe265c5
advisory-db/crates/pnet_packet/RUSTSEC-2020-0167.md
Alexis Mousset 84c633df9c Update aliases from GHSA OSV export (#1693)
2023-06-13 15:10:24 +02:00

808 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2020-0167"
package = "pnet_packet"
date = "2020-06-19"
url = "https://github.com/libpnet/libpnet/issues/449"
categories = ["memory-corruption"]
cvss = "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H"
aliases = ["GHSA-cf4g-fcf8-3cr9"]

[versions]
patched = [">= 0.27.2"]

pnet_packet buffer overrun in set_payload setters

As indicated by this issue, a buffer overrun is possible in the set_payload setter of the various mutable "Packet" struct setters. The offending set_payload functions were defined within the struct impl blocks in earlier versions of the package, and later by the packet macro.

Fixed in the packet macro by this PR.