RUSTSEC-2022-0068
- Source
- https://rustsec.org/advisories/RUSTSEC-2022-0068
- Import Source
- https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2022-0068.json
- Aliases
- Published
- 2022-11-30T12:00:00Z
- Modified
- 2023-11-08T04:10:54.980908Z
- Details
-
If a message consumer expects data of type "list of pointers", and if the consumer performs certain specific actions on such data, then a message producer can cause the consumer to read out-of-bounds memory. This could trigger a process crash in the consumer, or in some cases could allow exfiltration of private in-memory data.
The C++ Cap'n Proto library is also affected by this bug. See the advisory on the main Cap'n Proto repo for a succinct description of the exact circumstances in which the problem can arise.
- References
-
- https://crates.io/crates/capnp
- https://rustsec.org/advisories/RUSTSEC-2022-0068.html
- https://github.com/capnproto/capnproto/tree/master/security-advisories/2022-11-30-0-pointer-list-bounds.md
- https://dwrensha.github.io/capnproto-rust/2022/11/30/out_of_bounds_memory_access_bug.html
- https://github.com/capnproto/capnproto/security/advisories/GHSA-qqff-4vw4-f6hx
Affected packages
crates.io / capnp
Package
- Name
- capnp