GHSA-x54v-qxxr-93qc

Source

https://github.com/advisories/GHSA-x54v-qxxr-93qc

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-x54v-qxxr-93qc/GHSA-x54v-qxxr-93qc.json

Aliases

• CVE-2020-25791
• CVE-2020-25792
• CVE-2020-25793
• CVE-2020-25794
• CVE-2020-25795
• CVE-2020-25796
• GHSA-64gv-qg2v-vxv6
• GHSA-9p9m-9xww-qjcx
• GHSA-fqpx-cq8x-9wp4
• GHSA-mp6f-p9gp-vpj9
• GHSA-rfgg-vccr-m46m
• RUSTSEC-2020-0041

Published

2021-08-25T20:45:01Z

Modified

2024-03-15T00:05:17.938691Z

Summary

Missing release of memory in sized-chunks

Details

Chunk:

• Array size is not checked when constructed with unit() and pair().
• Array size is not checked when constructed with From<InlineArray<A, T>>.
• Clone and insert_from are not panic-safe; A panicking iterator causes memory safety issues with them.

InlineArray:

• Generates unaligned references for types with a large alignment requirement.

References

• https://nvd.nist.gov/vuln/detail/CVE-2020-25795
• https://github.com/bodil/sized-chunks/issues/11
• https://github.com/bodil/sized-chunks
• https://rustsec.org/advisories/RUSTSEC-2020-0041.html