OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-13 21:18:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
18b2916a5dfbe2bd3c1000d0d29acb5a4e648f0b
advisory-db/crates/arr/RUSTSEC-2020-0034.md
Yechan Bae a19397dee4 Add thread-safety category to relevant bugs
2021-01-30 23:02:50 -05:00

684 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2020-0034"
package = "arr"
aliases = ["CVE-2020-35886", "CVE-2020-35887", "CVE-2020-35888"]
date = "2020-08-25"
url = "https://github.com/sjep/array/issues/1"
categories = ["memory-corruption", "thread-safety"]

[versions]
patched = []

Multiple security issues including data race, buffer overflow, and uninitialized memory drop

arr crate contains multiple security issues. Specifically,

  1. It incorrectly implements Sync/Send bounds, which allows to smuggle non-Sync/Send types across the thread boundary.
  2. Index and IndexMut implementation does not check the array bound.
  3. Array::new_from_template() drops uninitialized memory.