OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-13 21:18:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
c55cf597e8cebf64ee8d37721dea3c8708b0c96e
advisory-db/crates/rio/RUSTSEC-2020-0021.md
Yechan Bae 846dfb93a3 Update CVE numbers (#542)
2021-01-04 09:02:59 -08:00

705 B
Raw Blame History 

[advisory]
categories = ["memory-corruption", "memory-exposure"]
date = "2020-05-11"
id = "RUSTSEC-2020-0021"
package = "rio"
aliases = ["CVE-2020-35876"]
url = "https://github.com/spacejam/rio/issues/11"

[versions]
patched = []

rio allows a use-after-free buffer access when a future is leaked

When a rio::Completion is leaked, its drop code will not run. The drop code is responsible for waiting until the kernel completes the I/O operation into, or out of, the buffer borrowed by rio::Completion. Leaking the struct will allow one to access and/or drop the buffer, which can lead to a use-after-free, data races or leaking secrets.

Upstream is not interested in fixing the issue.