OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-06 19:49:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
3338fcfb59cea5fcd7d2a4e7fe24cbc7cb778003
advisory-db/crates/vm-memory/RUSTSEC-2020-0157.md
github-actions[bot] 315a5c0609 Assigned RUSTSEC-2020-0157 to vm-memory, RUSTSEC-2021-0107 to ckb (#1033) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
2021-09-10 15:50:27 +00:00

645 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2020-0157"
package = "vm-memory"
date = "2020-06-02"
url = "https://nvd.nist.gov/vuln/detail/CVE-2020-13759"
categories = ["memory-corruption"]
cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
aliases = ["CVE-2020-13759", "GHSA-mm4m-qg48-f7wc"]
[versions]
patched = [">= 0.2.1", "^0.1.1"]

Improper Synchronization and Race Condition in vm-memory

rust-vmm vm-memory before 0.1.1 and 0.2.x before 0.2.1 allows attackers to cause a denial of service (loss of IP networking) because read_obj and write_obj do not properly access memory. This affects aarch64 (with musl or glibc) and x86_64 (with musl).