OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-13 21:18:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
dd7d3d726a862a1eccf8d8a40c41f8eeafc69243
advisory-db/crates/internment/RUSTSEC-2020-0017.md
Alexis Mousset 8c05fea5fa Add cvss information from nvd (#1085)
2021-10-19 16:14:35 -06:00

752 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2020-0017"
package = "internment"
aliases = ["CVE-2020-35874"]
cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
categories = ["memory-corruption"]
date = "2020-05-28"
url = "https://github.com/droundy/internment/issues/11"

[affected.functions]
"internment::ArcIntern::drop" = [">= 0.3.12"]

[versions]
patched = [">= 0.4.0"]
unaffected = ["< 0.3.12"]

Use after free in ArcIntern::drop

ArcIntern::drop has a race condition where it can release memory which is about to get another user. The new user will get a reference to freed memory.

This was fixed by serializing access to an interned object while it is being deallocated.

Versions prior to 0.3.12 used stronger locking which avoided the problem.