Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW04aDgtdjZqaC1jNzYy
Incorrect buffer size in crossbeam-channel
The affected version of this crate's the bounded channel incorrectly assumes that Vec::from_iter has allocated capacity that same as the number of iterator elements. Vec::from_iter does not actually guarantee that and may allocate extra memory. The destructor of the bounded channel reconstructs Vec from the raw pointer based on the incorrect assumes described above. This is unsound and causing deallocation with the incorrect capacity when Vec::from_iter has allocated different sizes with the number of iterator elements.
Permalink: https://github.com/advisories/GHSA-m8h8-v6jh-c762JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW04aDgtdjZqaC1jNzYy
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: about 3 years ago
Updated: over 1 year ago
CVSS Score: 5.5
CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Identifiers: GHSA-m8h8-v6jh-c762, CVE-2020-35904
References:
- https://nvd.nist.gov/vuln/detail/CVE-2020-35904
- https://github.com/crossbeam-rs/crossbeam/pull/533
- https://rustsec.org/advisories/RUSTSEC-2020-0052.html
- https://github.com/advisories/GHSA-m8h8-v6jh-c762
Blast Radius: 25.1
Affected Packages
cargo:crossbeam-channel
Dependent packages: 1,372Dependent repositories: 36,222
Downloads: 176,757,857 total
Affected Version Ranges: >= 0.4.3, < 0.4.4
Fixed in: 0.4.4
All affected versions: 0.4.3
All unaffected versions: 0.1.0, 0.1.1, 0.1.2, 0.1.3, 0.2.0, 0.2.1, 0.2.2, 0.2.3, 0.2.4, 0.2.5, 0.2.6, 0.3.0, 0.3.1, 0.3.2, 0.3.3, 0.3.4, 0.3.5, 0.3.6, 0.3.7, 0.3.8, 0.3.9, 0.4.0, 0.4.1, 0.4.2, 0.4.4, 0.5.0, 0.5.1, 0.5.2, 0.5.3, 0.5.4, 0.5.5, 0.5.6, 0.5.7, 0.5.8, 0.5.9, 0.5.10, 0.5.11, 0.5.12, 0.5.13