OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-23 15:38:27 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
d9614925ced7c2bf4df6bdb69d94cf50e8877f77
advisory-db/crates/futures-intrusive/RUSTSEC-2020-0072.md
Yechan Bae a19397dee4 Add thread-safety category to relevant bugs
2021-01-30 23:02:50 -05:00

31 lines
1.0 KiB
Markdown
Raw Blame History

```toml
[advisory]
id = "RUSTSEC-2020-0072"
package = "futures-intrusive"
aliases = ["CVE-2020-35915"]
date = "2020-10-31"
url = "https://github.com/Matthias247/futures-intrusive/issues/53"
categories = ["memory-corruption", "thread-safety"]
keywords = ["concurrency"]
informational = "unsound"
[versions]
patched = [">= 0.4.0"]
```
# GenericMutexGuard allows data races of non-Sync types across threads
`GenericMutexGuard<T>` was given the `Sync` auto trait as long as `T` is `Send`
due to its contained members. However, since the guard is supposed to represent
an **acquired lock** and allows concurrent access to the underlying data from
different threads, it should only be `Sync` when the underlying data is.
This is a soundness issue and allows data races, potentially leading to crashes
and segfaults from safe Rust code.
The flaw was corrected by adding a `T: Send + Sync` bound for
`GenericMutexGuard`'s `Sync` trait.
This bug is [similar to one](https://github.com/rust-lang/rust/issues/41622) in
`std::sync::Mutex`.
Reference in New Issue View Git Blame Copy Permalink