OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-06 03:29:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
3338fcfb59cea5fcd7d2a4e7fe24cbc7cb778003
advisory-db/crates/dashmap/RUSTSEC-2022-0002.md
Alexis Mousset 84c633df9c Update aliases from GHSA OSV export (#1693)
2023-06-13 15:10:24 +02:00

1.4 KiB
Raw Blame History 

[advisory]
id = "RUSTSEC-2022-0002"
package = "dashmap"
date = "2022-01-10"
url = "https://github.com/xacrimon/dashmap/issues/167"
categories = ["memory-exposure", "memory-corruption"]
keywords = ["segfault", "use-after-free"]
aliases = ["GHSA-mpg5-fvwp-42m2"]

[affected.functions]
"dashmap::mapref::multiple::RefMulti::key" = [">= 5.0.0"]
"dashmap::mapref::multiple::RefMulti::value" = [">= 5.0.0"]
"dashmap::mapref::multiple::RefMulti::pair" = [">= 5.0.0"]
"dashmap::mapref::multiple::RefMutMulti::key" = [">= 5.0.0"]
"dashmap::mapref::multiple::RefMutMulti::pair" = [">= 5.0.0"]
"dashmap::mapref::multiple::RefMutMulti::pair_mut" = [">= 5.0.0"]
"dashmap::mapref::one::Ref::key" = [">= 5.0.0"]
"dashmap::mapref::one::Ref::value" = [">= 5.0.0"]
"dashmap::mapref::one::Ref::pair" = [">= 5.0.0"]
"dashmap::mapref::one::RefMut::key" = [">= 5.0.0"]
"dashmap::mapref::one::RefMut::pair" = [">= 5.0.0"]
"dashmap::mapref::one::RefMut::pair_mut" = [">= 5.0.0"]
"dashmap::setref::multiple::RefMulti::key" = [">= 5.0.0"]
"dashmap::setref::one::Ref::key" = [">= 5.0.0"]

[versions]
patched = [">= 5.1.0"]
unaffected = ["< 5.0.0"]

Unsoundness in dashmap references

Reference returned by some methods of Ref (and similar types) may outlive the Ref and escape the lock. This causes undefined behavior and may result in a segfault.

More information in dashmap#167 issue.