Описание
Unaligned memory access in rand_core
Impact
Affected versions of this crate violated alignment when casting byte slices to integer slices, resulting in undefined behavior. rand_core::BlockRng::next_u64 and rand_core::BlockRng::fill_bytes are affected.
Patches
The flaw was corrected by Ralf Jung and Diggory Hardy for rand_core >= 0.4.2.
Workarounds
None.
References
See Rand's changelog.
For more information
If you have any questions or comments about this advisory, open an issue in the Rand repository.
Пакеты
rand_core
>= 0.4.0, < 0.4.2
0.4.2
rand_core
< 0.3.1
0.3.1
Связанные уязвимости
An issue was discovered in the rand_core crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints.
An issue was discovered in the rand_core crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints.
An issue was discovered in the rand_core crate before 0.4.2 for Rust. ...