advisory-db/crates/libpulse-binding/RUSTSEC-2018-0021.md

[advisory]
id = "RUSTSEC-2018-0021"
package = "libpulse-binding"
date = "2018-06-15"
url = "https://github.com/jnqnfe/pulse-binding-rust/security/advisories/GHSA-ghpq-vjxw-ch5w"
categories = ["memory-corruption"]
aliases = ["CVE-2018-25027", "CVE-2018-25028", "GHSA-ghpq-vjxw-ch5w", "GHSA-hxjf-h2mh-r6hj", "GHSA-jqpv-jm4m-86j9"]

[versions]
patched = [">= 1.2.1"]

[affected.functions]
"libpulse_binding::stream::Stream::get_format_info" = ["< 1.2.1"]
"libpulse_binding::stream::Stream::get_context" = ["< 1.2.1"]

Use-after-free with objects returned by Stream's get_format_info and get_context methods

Affected versions contained a pair of use-after-free issues with the objects returned by the get_format_info and get_context methods of Stream objects. These objects were mistakenly being constructed without setting an important flag to prevent destruction of the underlying C objects they reference upon their own destruction.