Описание
Data race in syncpool
Affected versions of this crate unconditionally implements Send for Bucket2. This allows sending non-Send types to other threads. This can lead to data races when non Send types like Cell or Rc are contained inside Bucket2 and sent across thread boundaries. The data races can potentially lead to memory corruption (as demonstrated in the PoC from the original report issue). The flaw was corrected in commit 15b2828 by adding a T: Send bound to the Send impl of Bucket2.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-36462
- https://github.com/Chopinsky/byte_buffer/issues/2
- https://github.com/Chopinsky/byte_buffer/commit/15b282877d1e576de2b337d8162bbf43ed1a0f2d
- https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/syncpool/RUSTSEC-2020-0142.md
- https://rustsec.org/advisories/RUSTSEC-2020-0142.html
Пакеты
Наименование
syncpool
rust
Затронутые версииВерсия исправления
< 0.1.6
0.1.6
Связанные уязвимости
CVSS3: 8.1
nvd
больше 4 лет назад
An issue was discovered in the syncpool crate before 0.1.6 for Rust. There is an unconditional implementation of Send for Bucket2.