Описание
Use After Free in lru
Lru crate has two functions for getting an iterator. Both iterators give references to key and value. Calling specific functions, like pop(), will remove and free the value, and but it's still possible to access the reference of value which is already dropped causing use after free.
Пакеты
Наименование
lru
rust
Затронутые версииВерсия исправления
< 0.7.1
0.7.1
Связанные уязвимости
CVSS3: 7.5
ubuntu
около 4 лет назад
An issue was discovered in the lru crate before 0.7.1 for Rust. The iterators have a use-after-free, as demonstrated by an access after a pop operation.
CVSS3: 7.5
nvd
около 4 лет назад
An issue was discovered in the lru crate before 0.7.1 for Rust. The iterators have a use-after-free, as demonstrated by an access after a pop operation.