RUSTSEC-2020-0145

See a problem?
Please try reporting it to the source first.

Source

https://rustsec.org/advisories/RUSTSEC-2020-0145

Import Source

https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2020-0145.json

JSON Data

https://api.osv.dev/v1/vulns/RUSTSEC-2020-0145

Aliases

Published

2020-11-02T12:00:00Z

Modified

2023-11-08T04:03:46.441950Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

Use-after-free when cloning a partially consumed `Vec` iterator

Details

The IntoIter Clone implementation clones the whole underlying Vec. If the iterator is partially consumed the consumed items will be copied, thus creating a use-after-free access.

A proof of concept is available in the original bug report.

Database specific

{
    "license": "CC0-1.0"
}

References

Affected packages

crates.io / heapless

Package

Name: heapless; View open source insights on deps.dev
Purl: pkg:cargo/heapless

Affected ranges

Type: SEMVER
Events: Introduced

0.0.0-0

Fixed

0.6.1

Ecosystem specific

{
    "affected_functions": null,
    "affects": {
        "os": [],
        "functions": [
            "heapless::vec::IntoIter::clone"
        ],
        "arch": []
    }
}

Database specific

{
    "cvss": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
    "informational": "unsound",
    "categories": [
        "memory-corruption",
        "memory-exposure"
    ]
}