OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-23 20:05:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
49fcc50d2b596defa5a1fc2cfaef4ebafddf46f2
advisory-db/crates/memoffset/RUSTSEC-2019-0011.toml
Sergey "Shnatsel" Davidoff 7797133c67 Add CVE mapping
2020-03-18 17:15:13 +01:00

17 lines
688 B
TOML
Raw Blame History

[advisory]
id = "RUSTSEC-2019-0011"
package = "memoffset"
date = "2019-07-16"
title = "Flaw in offset_of and span_of causes SIGILL, drops uninitialized memory of arbitrary type on panic in client code"
url = "https://github.com/Gilnaa/memoffset/issues/9#issuecomment-505461490"
description = """
Affected versions of this crate caused traps and/or memory unsafety by zero-initializing references.
They also could lead to uninitialized memory being dropped if the field for which the offset is requested was behind a deref coercion, and that deref coercion caused a panic.
The flaw was corrected by using `MaybeUninit`.
"""
aliases = ["CVE-2019-15553"]
[versions]
patched = [">= 0.5.0"]
Reference in New Issue View Git Blame Copy Permalink