Описание
The buffered-reader crate before 1.1.5 for Rust allows out-of-bounds array access and a panic.
A flaw was found in buffered-reader. The crate's implementation contains an out-of-bounds array access, leading to a panic. A local attacker can trigger this condition by providing a specially crafted input. This occurs when processing data from an external source, which can result in a denial of service.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | rust-rpm-sequoia | Fix deferred | ||
| Red Hat Enterprise Linux 10 | rust-sequoia-sq | Fix deferred | ||
| Red Hat Enterprise Linux 10 | rust-sequoia-sqv | Fix deferred | ||
| Red Hat Enterprise Linux 10 | trustee-guest-components | Fix deferred | ||
| Red Hat Enterprise Linux 9 | rust-rpm-sequoia | Fix deferred | ||
| Red Hat Enterprise Linux 9 | trustee-guest-components | Fix deferred | ||
| Red Hat OpenShift Container Platform 4 | kata-containers | Fix deferred | ||
| Red Hat Trusted Profile Analyzer | rhtpa/rhtpa-trustification-service-rhel9 | Fix deferred |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
3.3 Low
CVSS3
Связанные уязвимости
The buffered-reader crate before 1.1.5 for Rust allows out-of-bounds array access and a panic.
The buffered-reader crate before 1.1.5 for Rust allows out-of-bounds array access and a panic.
The buffered-reader crate before 1.1.5 for Rust allows out-of-bounds a ...
buffered-reader vulnerable to out-of-bounds array access leading to panic
EPSS
3.3 Low
CVSS3