Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFwanItY2g3Mi0ycXE0
Use after free in portaudio-rs
Affected versions of this crate is not panic safe within callback functions stream_callback and stream_finished_callback. The call to user-provided closure might panic before a mem::forget call, which then causes a use after free that grants attacker to control the callback function pointer. This allows an attacker to construct an arbitrary code execution .
Permalink: https://github.com/advisories/GHSA-qpjr-ch72-2qq4JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFwanItY2g3Mi0ycXE0
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Critical
Classification: General
Published: over 2 years ago
Updated: 11 months ago
CVSS Score: 9.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Identifiers: GHSA-qpjr-ch72-2qq4, CVE-2019-16881
References:
- https://nvd.nist.gov/vuln/detail/CVE-2019-16881
- https://github.com/mvdnes/portaudio-rs/issues/20
- https://rustsec.org/advisories/RUSTSEC-2019-0022.html
- https://github.com/mvdnes/portaudio-rs/commit/7466df019f6739732fd91401017942c22364ef61
- https://github.com/advisories/GHSA-qpjr-ch72-2qq4
Blast Radius: 15.5
Affected Packages
cargo:portaudio-rs
Dependent packages: 1Dependent repositories: 38
Downloads: 72,363 total
Affected Version Ranges: < 0.3.2
Fixed in: 0.3.2
All affected versions: 0.3.0, 0.3.1
All unaffected versions: 0.3.2