Описание
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of {i,u}64 was always the same as Atomic{I,U}64. However, the alignment of {i,u}64 on a 32-bit target can be smaller than Atomic{I,U}64. This can cause unaligned memory accesses and data race. Crates using fetch_* methods with AtomicCell<{i,u}64> are affected by this issue. 32-bit targets without Atomic{I,U}64 and 64-bit targets are not affected by this issue. This has been fixed in crossbeam-utils 0.8.7. There are currently no known workarounds.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | DNE | |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/focal | not-affected | code not present |
| esm-apps/jammy | not-affected | code not present |
| esm-apps/xenial | needed | |
| focal | not-affected | code not present |
| impish | ignored | end of life |
| jammy | not-affected | code not present |
| kinetic | ignored | end of life, was needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | released | 1:1snap1-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | ignored | end of standard support, was ignored [bundled deps handled by upstream in new versions] |
| impish | ignored | end of life |
| jammy | released | 1:1snap1-0ubuntu1 |
| kinetic | released | 1:1snap1-0ubuntu1 |
| lunar | released | 1:1snap1-0ubuntu1 |
| mantic | released | 1:1snap1-0ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| devel | not-affected | 2.52.5+dfsg-3 |
| esm-infra/bionic | not-affected | code not present |
| esm-infra/focal | not-affected | 2.48.9-1ubuntu0.20.04.1 |
| esm-infra/xenial | not-affected | code not present |
| focal | not-affected | 2.48.9-1ubuntu0.20.04.1 |
| impish | not-affected | 2.50.7+dfsg-1 |
| jammy | not-affected | 2.52.5+dfsg-3 |
| kinetic | not-affected | 2.52.5+dfsg-3 |
| lunar | not-affected | 2.52.5+dfsg-3 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | DNE | |
| esm-apps/bionic | ignored | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| impish | DNE | |
| jammy | DNE | |
| kinetic | DNE | |
| lunar | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | DNE | |
| esm-apps/focal | ignored | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | ignored | |
| focal | ignored | |
| impish | DNE | |
| jammy | DNE | |
| kinetic | DNE | |
| lunar | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | ignored | |
| focal | ignored | |
| impish | DNE | |
| jammy | DNE | |
| kinetic | DNE | |
| lunar | DNE | |
| mantic | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-apps/jammy | ignored | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| impish | ignored | end of life |
| jammy | ignored | |
| kinetic | ignored | end of life, was needs-triage |
| lunar | ignored | end of life, was needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | not-affected | 0.8.8-1 |
| esm-apps/focal | needed | |
| esm-apps/jammy | needed | |
| esm-apps/noble | not-affected | 0.8.8-1 |
| focal | ignored | end of standard support, was needed |
| impish | ignored | end of life |
| jammy | needed | |
| kinetic | ignored | end of life, was needed |
| lunar | not-affected | 0.8.8-1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-apps/jammy | needed | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| impish | DNE | |
| jammy | needed | |
| kinetic | ignored | end of life, was needed |
| lunar | DNE | |
| mantic | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | DNE | |
| esm-apps/bionic | not-affected | 1.59.0+dfsg1~ubuntu1~llvm-1~ubuntu1~18.04.2 |
| esm-apps/focal | released | 1.59.0+dfsg1~ubuntu1~llvm-1~ubuntu1~20.04.2 |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | needed | |
| focal | released | 1.59.0+dfsg1~ubuntu1~llvm-1~ubuntu1~20.04.2 |
| impish | ignored | end of life |
| jammy | released | 1.58.1+dfsg1~ubuntu1-0ubuntu1 |
| kinetic | ignored | end of life, was needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | ignored | bundled deps handled by upstream in new versions |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | ignored | end of standard support, was ignored [bundled deps handled by upstream in new versions] |
| impish | ignored | end of life |
| jammy | ignored | bundled deps handled by upstream in new versions |
| kinetic | ignored | end of life, was needs-triage |
| lunar | ignored | end of life, was ignored [bundled deps handled by upstream in new versions] |
| mantic | ignored | end of life, was ignored [bundled deps handled by upstream in new versions] |
Показывать по
EPSS
6.8 Medium
CVSS2
8.1 High
CVSS3
Связанные уязвимости
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of `{i,u}64` was always the same as `Atomic{I,U}64`. However, the alignment of `{i,u}64` on a 32-bit target can be smaller than `Atomic{I,U}64`. This can cause unaligned memory accesses and data race. Crates using `fetch_*` methods with `AtomicCell<{i,u}64>` are affected by this issue. 32-bit targets without `Atomic{I,U}64` and 64-bit targets are not affected by this issue. This has been fixed in crossbeam-utils 0.8.7. There are currently no known workarounds.
crossbeam-utils provides atomics, synchronization primitives, scoped t ...
crossbeam-utils Unsoundness of AtomicCell<{i,u}64> arithmetics on 32-bit targets that support Atomic{I,U}64
Уязвимость инструментов для параллельного программирования Crossbeam Utils на 32-битных системах, связанная с одновременным выполнением с использованием общего ресурса с неправильной синхронизацией, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
EPSS
6.8 Medium
CVSS2
8.1 High
CVSS3