Описание
Duplicate Advisory: Data races in ticketed_lock
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-77m6-x95j-75r5. This link is maintained to preserve external references.
Original Description
Affected versions of this crate unconditionally implemented Send for ReadTicket<T> & WriteTicket<T>.
This allows to send non-Send T to other threads.
This can allows creating data races by cloning types with internal mutability and sending them to other threads (as T of ReadTicket<T>/WriteTicket<T>). Such data races can cause memory corruption or other undefined behavior.
The flaw was corrected in commit a986a93 by adding T: Send bounds to Send impls of ReadTicket<T>/WriteTicket<T>.
Пакеты
Наименование
ticketed_lock
rust
Затронутые версииВерсия исправления
< 0.3.0
0.3.0
8.1 High
CVSS3
Дефекты
CWE-362
8.1 High
CVSS3
Дефекты
CWE-362