OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-23 15:38:27 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
e7d342f190cc40b76eb7478775e41acc7001a0a5
advisory-db/crates/heapless/RUSTSEC-2020-0145.md
Alexander Kjäll f494f83f8e add missing cve info to advisories (#1077) 
looks like RUSTSEC-2020-0036 might be a special case, someone got a cve for that the crate is unmaintained
2021-10-14 21:53:11 +02:00

700 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2020-0145"
package = "heapless"
date = "2020-11-02"
url = "https://github.com/japaric/heapless/issues/181"
categories = ["memory-corruption", "memory-exposure"]
keywords = ["use-after-free"]
informational = "unsound"
aliases = ["CVE-2020-36464"]

[affected.functions]
"heapless::vec::IntoIter::clone" = ["<= 0.6"]

[versions]
patched = [">= 0.6.1"]

Use-after-free when cloning a partially consumed Vec iterator

The IntoIter Clone implementation clones the whole underlying Vec. If the iterator is partially consumed the consumed items will be copied, thus creating a use-after-free access.

A proof of concept is available in the original bug report.