RUSTSEC-2022-0006

Source

https://rustsec.org/advisories/RUSTSEC-2022-0006

Import Source

https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2022-0006.json

Aliases

GHSA-9hpw-r23r-xgm5

Published

2022-01-23T12:00:00Z

Modified

2023-11-08T04:17:57.540599Z

Details

In the affected version of this crate, {Iter, IterMut}::next used a weaker memory ordering when loading values than what was required, exposing a potential data race when iterating over a ThreadLocal's values.

Crates using Iter::next, or IterMut::next are affected by this issue.

References

https://crates.io/crates/thread_local
https://rustsec.org/advisories/RUSTSEC-2022-0006.html
https://github.com/Amanieu/thread_local-rs/issues/33

Affected packages

crates.io / thread_local

Package

Name: thread_local

Affected ranges

Type: SEMVER
Events: Introduced

0.0.0-0

Fixed

1.1.4

Ecosystem specific

{
    "affects": {
        "os": [],
        "functions": [],
        "arch": []
    }
}

Database specific

{
    "cvss": null,
    "informational": null,
    "categories": [
        "memory-corruption"
    ]
}