Описание
slab is a pre-allocated storage for a uniform data type. In version 0.4.10, the get_disjoint_mut method incorrectly checked if indices were within the slab's capacity instead of its length, allowing access to uninitialized memory. This could lead to undefined behavior or potential crashes. This has been fixed in slab 0.4.11. A workaround for this issue involves to avoid using get_disjoint_mut with indices that might be beyond the slab's actual length.
A flaw was found in slab. The get_disjoint_mut method incorrectly validates index boundaries against the slab's capacity rather than its length, enabling a local attacker to access uninitialized memory. This memory access occurs when requesting disjoint mutable references within the slab. Consequently, this can lead to information disclosure.
Меры по смягчению последствий
To mitigate this flaw avoid using get_disjoint_mut with indices that might be beyond the slab's actual length
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Confidential Compute Attestation | build-of-trustee/trustee-rhel9 | Not affected | ||
| Confidential Compute Attestation | confidential-compute-attestation-tech-preview/trustee-rhel9 | Not affected | ||
| Confidential Compute Attestation | openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9 | Not affected | ||
| Confidential Compute Attestation | openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9 | Not affected | ||
| Confidential Compute Attestation | openshift-sandboxed-containers/osc-monitor-rhel9 | Not affected | ||
| Confidential Compute Attestation | openshift-sandboxed-containers/osc-operator-bundle | Not affected | ||
| Confidential Compute Attestation | openshift-sandboxed-containers/osc-podvm-builder-rhel9 | Not affected | ||
| Confidential Compute Attestation | openshift-sandboxed-containers/osc-podvm-payload-rhel9 | Not affected | ||
| Confidential Compute Attestation | openshift-sandboxed-containers/osc-rhel9-operator | Not affected | ||
| Logging Subsystem for Red Hat OpenShift | openshift-logging/cluster-logging-operator-bundle | Not affected |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
4 Medium
CVSS3
Связанные уязвимости
slab is a pre-allocated storage for a uniform data type. In version 0.4.10, the get_disjoint_mut method incorrectly checked if indices were within the slab's capacity instead of its length, allowing access to uninitialized memory. This could lead to undefined behavior or potential crashes. This has been fixed in slab 0.4.11. A workaround for this issue involves to avoid using get_disjoint_mut with indices that might be beyond the slab's actual length.
slab is a pre-allocated storage for a uniform data type. In version 0.4.10, the get_disjoint_mut method incorrectly checked if indices were within the slab's capacity instead of its length, allowing access to uninitialized memory. This could lead to undefined behavior or potential crashes. This has been fixed in slab 0.4.11. A workaround for this issue involves to avoid using get_disjoint_mut with indices that might be beyond the slab's actual length.
slab is a pre-allocated storage for a uniform data type. In version 0. ...
slab allows out-of-bounds access in `get_disjoint_mut` due to incorrect bounds check
EPSS
4 Medium
CVSS3