Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS05YzlmLTd4OXAtNHdxcM4AArsx
A malicious coder can get unsound access to TCell or TLCell memory
This is impossible to do by accident, but by carefully constructing
marker types to be covariant, a malicious coder can cheat the
singleton check in TCellOwner and TLCellOwner, giving unsound
access to cell memory. This could take the form of getting two
mutable references to the same memory, or a mutable reference and an
immutable reference.
The fix is for the crate to internally force the marker type to be
invariant. This blocks the conversion between covariant types which
Rust normally allows.
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS05YzlmLTd4OXAtNHdxcM4AArsx
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: almost 2 years ago
Updated: over 1 year ago
Identifiers: GHSA-9c9f-7x9p-4wqp
References:
- https://github.com/uazu/qcell/issues/20
- https://rustsec.org/advisories/RUSTSEC-2022-0007.html
- https://github.com/advisories/GHSA-9c9f-7x9p-4wqp
Blast Radius: 0.0
Affected Packages
cargo:qcell
Dependent packages: 3Dependent repositories: 7
Downloads: 113,307 total
Affected Version Ranges: < 0.4.3
Fixed in: 0.4.3
All affected versions: 0.1.0, 0.1.1, 0.1.2, 0.2.0, 0.3.0, 0.4.0, 0.4.1, 0.4.2
All unaffected versions: 0.4.3, 0.5.0, 0.5.1, 0.5.2, 0.5.3, 0.5.4