RUSTSEC-2020-0017

Source
https://rustsec.org/advisories/RUSTSEC-2020-0017
Import Source
https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2020-0017.json
Aliases
Published
2020-05-28T12:00:00Z
Modified
2023-11-08T04:03:36.887095Z
Details

ArcIntern::drop has a race condition where it can release memory which is about to get another user. The new user will get a reference to freed memory.

This was fixed by serializing access to an interned object while it is being deallocated.

Versions prior to 0.3.12 used stronger locking which avoided the problem.

References

Affected packages

crates.io / internment

Package

Name
internment

Affected ranges

Type
SEMVER
Events
Introduced
0.3.12
Fixed
0.4.0

Ecosystem specific 

{
    "affects": {
        "os": [],
        "functions": [
            "internment::ArcIntern::drop"
        ],
        "arch": []
    }
}

Database specific 

{
    "cvss": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
    "informational": null,
    "categories": [
        "memory-corruption"
    ]
}