Описание
Tokio broadcast channel calls clone in parallel, but does not require Sync
The broadcast channel internally calls clone on the stored value when receiving it, and only requires T:Send. This means that using the broadcast channel with values that are Send but not Sync can trigger unsoundness if the clone implementation makes use of the value being !Sync.
Thank you to Austin Bonander for finding and reporting this issue.
Пакеты
Наименование
tokio
rust
Затронутые версииВерсия исправления
>= 1.44.0, < 1.44.2
1.44.2
Наименование
tokio
rust
Затронутые версииВерсия исправления
>= 0.2.5, < 1.38.2
1.38.2
Наименование
tokio
rust
Затронутые версииВерсия исправления
>= 1.39.0, < 1.43.1
1.43.1
2.7 Low
CVSS4
Дефекты
CWE-664
2.7 Low
CVSS4
Дефекты
CWE-664