OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-22 11:25:24 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
3338fcfb59cea5fcd7d2a4e7fe24cbc7cb778003
advisory-db/crates/basic_dsp_matrix/RUSTSEC-2021-0009.md
Alexis Mousset 84c633df9c Update aliases from GHSA OSV export (#1693)
2023-06-13 15:10:24 +02:00

20 lines
800 B
Markdown
Raw Blame History

```toml
[advisory]
id = "RUSTSEC-2021-0009"
package = "basic_dsp_matrix"
aliases = ["CVE-2021-25906", "GHSA-fjr6-hm39-4cf9"]
cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
date = "2021-01-10"
url = "https://github.com/liebharc/basic_dsp/issues/47"
categories = ["memory-corruption"]
[versions]
patched = [">= 0.9.2"]
```
# panic safety issue in `impl TransformContent<S, D> for [S; (2|3|4)]`
Affected versions of this crate did not guard against double drop while temporarily duplicating objects' ownership using `ptr::read()`. Upon panic in a user-provided function `conversion`, objects that are copied by `ptr::read()` are dropped twice, leading to memory corruption.
The flaw was corrected in v0.9.2 by using `ManuallyDrop<T>` to enclose objects that are to be temporarily duplicated.
Reference in New Issue View Git Blame Copy Permalink