GHSA-69gw-hgj3-45m7

Source

https://github.com/advisories/GHSA-69gw-hgj3-45m7

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-69gw-hgj3-45m7/GHSA-69gw-hgj3-45m7.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-69gw-hgj3-45m7

Aliases

Published

2021-08-25T20:43:58Z

Modified

2023-11-08T04:01:14.344753Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

Memory corruption in smallvec

Details

Attempting to call grow on a spilled SmallVec with a value less than the current capacity causes corruption of memory allocator data structures. An attacker that controls the value passed to grow may exploit this flaw to obtain memory contents or gain remote code execution.

Database specific

{
    "nvd_published_at": null,
    "cwe_ids": [
        "CWE-787"
    ],
    "severity": "CRITICAL",
    "github_reviewed": true,
    "github_reviewed_at": "2021-08-19T21:23:44Z"
}

References

Affected packages

crates.io / smallvec

Package

Name: smallvec; View open source insights on deps.dev
Purl: pkg:cargo/smallvec

Affected ranges

Type: SEMVER
Events: Introduced

0.6.3

Fixed

0.6.10

Ecosystem specific

{
    "affected_functions": [
        "smallvec::SmallVec::grow"
    ]
}