Описание
Data races in gfwx
In the affected versions of this crate, ImageChunkMut<'_, T> unconditionally implements Send and Sync, allowing to create data races.
This can result in a memory corruption or undefined behavior when non thread-safe types are moved and referenced across thread boundaries.
The flaw was corrected in commit e7fb2f5 by adding T: Send bound to the Send impl and adding T: Sync bound to the Sync impl.
Пакеты
Наименование
gfwx
rust
Затронутые версииВерсия исправления
< 0.3.0
0.3.0
Связанные уязвимости
CVSS3: 7
nvd
около 5 лет назад
An issue was discovered in the gfwx crate before 0.3.0 for Rust. Because ImageChunkMut does not have bounds on its Send trait or Sync trait, a data race and memory corruption can occur.