mirror of
https://github.com/OMGeeky/advisory-db.git
synced 2026-02-23 15:38:27 +01:00
759 B
759 B
[advisory]
categories = ["memory-corruption", "memory-exposure"]
date = "2020-05-11"
id = "RUSTSEC-2020-0021"
package = "rio"
aliases = ["CVE-2020-35876"]
cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
url = "https://github.com/spacejam/rio/issues/11"
[versions]
patched = []
rio allows a use-after-free buffer access when a future is leaked
When a rio::Completion is leaked, its drop code will not run. The drop code
is responsible for waiting until the kernel completes the I/O operation into, or
out of, the buffer borrowed by rio::Completion. Leaking the struct will allow
one to access and/or drop the buffer, which can lead to a use-after-free,
data races or leaking secrets.
Upstream is not interested in fixing the issue.