Описание
Out of bounds read in simd-json
The affected version of this crate did not guard against accessing memory beyond the range of its input data. A pointer cast to read the data into a 256-bit register could lead to a segmentation fault when the end plus the 32 bytes (256 bit) read would overlap into the next page during string parsing. This allows an attacker to eventually crash a service. The flaw was corrected by using a padding buffer for the last read from the input. So that we are we never read over the boundary of the input data.
Пакеты
Наименование
simd-json
rust
Затронутые версииВерсия исправления
>= 0.1.13, < 0.1.15
0.1.15
Связанные уязвимости
CVSS3: 7.5
nvd
больше 6 лет назад
An issue was discovered in the simd-json crate before 0.1.15 for Rust. There is an out-of-bounds read and an incorrect crossing of a page boundary.