Описание
An issue was discovered in the nix crate 0.16.0 and later before 0.20.2, 0.21.x before 0.21.2, and 0.22.x before 0.22.2 for Rust. unistd::getgrouplist has an out-of-bounds write if a user is in more than 16 /etc/groups groups.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| rust-nix | fixed | 0.23.0-1 | package | |
| rust-nix | no-dsa | bullseye | package | |
| rust-nix | not-affected | buster | package |
Примечания
https://rustsec.org/advisories/RUSTSEC-2021-0119.html
Связанные уязвимости
CVSS3: 9.8
ubuntu
около 4 лет назад
An issue was discovered in the nix crate 0.16.0 and later before 0.20.2, 0.21.x before 0.21.2, and 0.22.x before 0.22.2 for Rust. unistd::getgrouplist has an out-of-bounds write if a user is in more than 16 /etc/groups groups.
CVSS3: 9.8
nvd
около 4 лет назад
An issue was discovered in the nix crate 0.16.0 and later before 0.20.2, 0.21.x before 0.21.2, and 0.22.x before 0.22.2 for Rust. unistd::getgrouplist has an out-of-bounds write if a user is in more than 16 /etc/groups groups.
