Описание
Out of bounds read in uu_od
An issue was discovered in PartialReader in the uu_od crate before 0.0.4 for Rust. Attackers can read the contents of uninitialized memory locations via a user-provided Read operation.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2021-29934
- https://github.com/uutils/coreutils/issues/1729
- https://github.com/uutils/coreutils/pull/1730
- https://github.com/uutils/coreutils/pull/1738
- https://github.com/uutils/coreutils/pull/1739
- https://github.com/uutils/coreutils/commit/39d62c6c1f809022c903180471c10fde6ecd12d1
- https://github.com/uutils/coreutils/commit/5935876f38498b0c1f657d031171eb17028def6f
- https://github.com/uutils/coreutils/commit/7341a1a033aa5980ac59bc9d4df978b396de4fad
- https://rustsec.org/advisories/RUSTSEC-2021-0043.html
Пакеты
Наименование
uu_od
rust
Затронутые версииВерсия исправления
< 0.0.4
0.0.4
Связанные уязвимости
CVSS3: 7.3
nvd
почти 5 лет назад
An issue was discovered in PartialReader in the uu_od crate before 0.0.4 for Rust. Attackers can read the contents of uninitialized memory locations via a user-provided Read operation.