mirror of
https://github.com/OMGeeky/advisory-db.git
synced 2026-02-23 15:38:27 +01:00
64c17acfe3
As announced in #228, this commit migrates all advisories to the new V2 format, which splits version information into a separate section, and now has a structure which corresponds to the internal code structure of the `rustsec` crate. This is a breaking change for users of `cargo-audit` < 0.9, and anyone who has written a 3rd party advisory format parser.
25 lines
1.0 KiB
TOML
25 lines
1.0 KiB
TOML
[advisory]
|
|
id = "RUSTSEC-2018-0004"
|
|
package = "claxon"
|
|
date = "2018-08-25"
|
|
title = "Malicious input could cause uninitialized memory to be exposed"
|
|
url = "https://github.com/ruuda/claxon/commit/8f28ec275e412dd3af4f3cda460605512faf332c"
|
|
keywords = ["uninitialized-memory"]
|
|
description = """
|
|
Affected versions of Claxon made an invalid assumption about the decode buffer
|
|
size being a multiple of a value read from the bitstream. This could cause parts
|
|
of the decode buffer to not be overwritten. If the decode buffer was newly
|
|
allocated and uninitialized, this uninitialized memory could be exposed.
|
|
|
|
This allows an attacker to observe parts of the uninitialized memory in the
|
|
decoded audio stream.
|
|
|
|
The flaw was corrected by checking that the value read from the bistream divides
|
|
the decode buffer size, and returning a format error if it does not. If an error
|
|
is returned, the decode buffer is not exposed. Regression tests and an
|
|
additional fuzzer have been added to prevent similar flaws in the future.
|
|
"""
|
|
|
|
[versions]
|
|
patched = ["=0.3.2", ">= 0.4.1"]
|