CVE-2019-16137

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-16137

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-16137.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-16137

Aliases

GHSA-hv7x-f3pv-gpwr
RUSTSEC-2019-0013

Downstream

DEBIAN-CVE-2019-16137

Published

2019-09-09T12:15:10Z

Modified

2025-08-09T19:01:28Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

An issue was discovered in the spin crate before 0.5.2 for Rust, when RwLock is used. Because memory ordering is mishandled, two writers can acquire the lock at the same time, violating mutual exclusion.

References

https://rustsec.org/advisories/RUSTSEC-2019-0013.html

CVE-2019-16137

Affected packages