GHSA-39xg-8p43-h76x

Suggest an improvement
Source
https://github.com/advisories/GHSA-39xg-8p43-h76x
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-39xg-8p43-h76x/GHSA-39xg-8p43-h76x.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-39xg-8p43-h76x
Aliases
Published
2021-08-25T20:51:40Z
Modified
2023-11-08T04:03:41.295805Z
Severity
  • 4.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Data races in reffers
Details

ARefss<'a, V> is a type that is assumed to contain objects that are Send + Sync.

In the affected versions of this crate, Send/Sync traits are unconditionally implemented for ARefss<'a, V>.

By using the ARefss::map() API, we can insert a !Send or !Sync object into ARefss<'a, V>. After that, it is possible to create a data race to the inner object of ARefss<'a, V>, which can lead to undefined behavior & memory corruption.

The flaw was corrected in commit 6dd7ca0 by adding trait bound V: Send + Sync to ARefss::map() API.

Database specific
{
    "nvd_published_at": null,
    "cwe_ids": [
        "CWE-362",
        "CWE-787"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2021-08-19T18:49:46Z"
}
References

Affected packages

crates.io / reffers

Package

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.6.1