OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-13 21:18:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
acc093457e3f258a910bdf9dca40fb5d7038cd8f
advisory-db/crates/sys-info/RUSTSEC-2020-0100.md
Yechan Bae f898b07b9a Update date field
2021-02-03 11:45:30 -05:00

967 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2020-0100"
package = "sys-info"
date = "2020-05-31"
url = "https://github.com/FillZpp/sys-info-rs/issues/63"
categories = ["memory-corruption"]
keywords = ["concurrency", "double free"]

[versions]
patched = [">= 0.8.0"]
unaffected = []

[affected]
os = ["linux"]
functions = { "sys_info::disk_info" = ["<= 0.1.1"] }

Double free when calling sys_info::disk_info from multiple threads

Affected versions of sys-info use a static, global, list to store temporary disk information while running. The function that cleans up this list, DFCleanup, assumes a single threaded environment and will try to free the same memory twice in a multithreaded environment.

This results in consistent double-frees and segfaults when calling sys_info::disk_info from multiple threads at once.

The issue was fixed by moving the global variable into a local scope.

Safer Alternatives: