RUSTSEC-2021-0032

Source
https://rustsec.org/advisories/RUSTSEC-2021-0032
Import Source
https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2021-0032.json
JSON Data
https://api.osv.dev/v1/vulns/RUSTSEC-2021-0032
Aliases
Published
2021-03-01T12:00:00Z
Modified
2023-11-08T04:05:27.850049Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Deserializing an array can drop uninitialized memory on panic
Details

The read_bytes_default_le function for [T; n] arrays, used to deserialize an array of T from bytes, created a [T; n] array with std::mem::uninitialized and then called T's deserialization method to fill in each element.

If T's deserialization method panicked partway through, unwinding dropped the partially filled array, so T's destructor ran on elements that were still uninitialized memory. Dropping an uninitialized value is undefined behaviour, which is why the advisory is categorized as memory corruption.

This flaw was corrected in commit a535678 by removing the unsafe block and using a .map call to deserialize each element of the array instead, so that no uninitialized array ever exists and a panic drops only the elements already constructed.
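The following is an added example, not code from byte_struct or from the fixing commit. It approximates the unsound pattern the advisory describes next to the .map-based shape of the fix, and adds a drop-counting harness (going beyond the advisory text) to show why the fixed shape is panic-safe. The trait ReadLe, its BYTE_LEN and read_le members, the functions read_array_le_unsound, read_array_le and count_drops, the Tracked element type and the 0xFF "decoder panics here" sentinel are all assumptions made for this example and not the crate's API.

```rust
use std::panic::{self, AssertUnwindSafe};
use std::sync::atomic::{AtomicUsize, Ordering};
use std::sync::Mutex;

/// Minimal stand-in for a little-endian byte deserialization trait.
/// `ReadLe`, `BYTE_LEN` and `read_le` are this example's own names, not
/// byte_struct's API.
pub trait ReadLe: Sized {
    const BYTE_LEN: usize;
    fn read_le(bytes: &[u8]) -> Self;
}

impl ReadLe for u16 {
    const BYTE_LEN: usize = 2;
    fn read_le(bytes: &[u8]) -> Self {
        u16::from_le_bytes([bytes[0], bytes[1]])
    }
}

/// Approximation of the unsound shape the advisory describes: reserve an
/// uninitialized [T; N] inside an unsafe block, then fill it one element at
/// a time. If T::read_le panics at element k, unwinding drops `out` and runs
/// T's destructor on the N - k slots that are still garbage (undefined
/// behaviour). Never call this; it exists only for comparison with
/// read_array_le below.
#[allow(deprecated, dead_code)]
pub fn read_array_le_unsound<T: ReadLe, const N: usize>(bytes: &[u8]) -> [T; N] {
    unsafe {
        let mut out: [T; N] = std::mem::uninitialized();
        for (i, slot) in out.iter_mut().enumerate() {
            std::ptr::write(slot, T::read_le(&bytes[i * T::BYTE_LEN..(i + 1) * T::BYTE_LEN]));
        }
        out
    }
}

/// The fixed shape: no unsafe block, no uninitialized array. `array::map`
/// builds the result element by element and, if a later element panics,
/// drops only the elements it has already produced.
pub fn read_array_le<T: ReadLe, const N: usize>(bytes: &[u8]) -> [T; N] {
    assert!(bytes.len() >= N * T::BYTE_LEN, "need {} bytes for [T; {}]", N * T::BYTE_LEN, N);
    let mut chunks = bytes.chunks_exact(T::BYTE_LEN);
    [(); N].map(|()| T::read_le(chunks.next().expect("length checked above")))
}

// Counters and a lock so the panic experiment below can be measured even when
// tests run in parallel.
static CONSTRUCTED: AtomicUsize = AtomicUsize::new(0);
static DROPPED: AtomicUsize = AtomicUsize::new(0);
static EXPERIMENT: Mutex<()> = Mutex::new(());

/// Element type with a destructor, so drops are observable. The 0xFF sentinel
/// is a constructed stand-in for any element whose deserialization panics.
pub struct Tracked(pub u8);

impl ReadLe for Tracked {
    const BYTE_LEN: usize = 1;
    fn read_le(bytes: &[u8]) -> Self {
        if bytes[0] == 0xFF {
            panic!("element decoder rejected sentinel byte 0xFF");
        }
        CONSTRUCTED.fetch_add(1, Ordering::SeqCst);
        Tracked(bytes[0])
    }
}

impl Drop for Tracked {
    fn drop(&mut self) {
        DROPPED.fetch_add(1, Ordering::SeqCst);
    }
}

/// Deserialize [Tracked; N] with the fixed function, let any mid-array panic
/// unwind, and return (elements constructed, elements dropped) for this call.
/// A sound implementation never drops more than it constructed.
pub fn count_drops<const N: usize>(bytes: &[u8]) -> (usize, usize) {
    let _guard = EXPERIMENT.lock().unwrap();
    let c0 = CONSTRUCTED.load(Ordering::SeqCst);
    let d0 = DROPPED.load(Ordering::SeqCst);
    let previous_hook = panic::take_hook();
    panic::set_hook(Box::new(|_| {})); // keep the expected panic quiet
    let result = panic::catch_unwind(AssertUnwindSafe(|| read_array_le::<Tracked, N>(bytes)));
    panic::set_hook(previous_hook);
    drop(result); // a fully built array is dropped here; an Err carries no elements
    (
        CONSTRUCTED.load(Ordering::SeqCst) - c0,
        DROPPED.load(Ordering::SeqCst) - d0,
    )
}

fn main() {
    let words: [u16; 3] = read_array_le(&[0x34, 0x12, 0x78, 0x56, 0xBC, 0x9A]);
    println!("{:04x?}", words);
    let (built, dropped) = count_drops::<4>(&[1, 2, 0xFF, 4]);
    println!("panic at element 3: constructed {built}, dropped {dropped}");
}
```

With the input [1, 2, 0xFF, 4] the decoder panics on the third element; the fixed function has constructed two elements at that point and unwinding drops exactly those two. The unsound shape would instead drop all four slots of `out`, two of which were never written.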

Database specific
{
    "license": "CC0-1.0"
}
References

Affected packages

crates.io / byte_struct

Package

Affected ranges

Type
SEMVER
Events
Introduced
0.0.0-0
Fixed
0.6.1

Ecosystem specific

{
    "affected_functions": null,
    "affects": {
        "os": [],
        "functions": [],
        "arch": []
    }
}

Database specific

{
    "cvss": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
    "informational": null,
    "categories": [
        "memory-corruption"
    ]
}