CVE-2020-36323 – rust: optimization for joining strings can cause uninitialized bytes to be exposed
https://notcve.org/view.php?id=CVE-2020-36323
In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked. En la biblioteca standard en Rust versiones anteriores a 1.52.0, se presenta una optimización para unir cadenas que pueden causar que los bytes no inicializados queden expuestos (o que el programa se bloquee) si la cadena prestada cambia después de que su longitud es comprobada • https://github.com/rust-lang/rust/issues/80335 https://github.com/rust-lang/rust/pull/81728 https://github.com/rust-lang/rust/pull/81728#issuecomment-821549174 https://github.com/rust-lang/rust/pull/81728#issuecomment-824904190 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CZ337CM4GFJLRDFVQCGC7J25V65JXOG5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFUO3URYCO73D2Q4WYJBWAMJWGGVXQO4 https://lists.fedoraproject.org/archives/list& • CWE-20: Improper Input Validation CWE-134: Use of Externally-Controlled Format String •
CVE-2018-25008
https://notcve.org/view.php?id=CVE-2018-25008
In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::get_mut method. This synchronization issue can be lead to memory safety issues through race conditions. En la biblioteca estándar en Rust versiones anteriores a 129.0, se presenta una sincronización débil en el método Arc::get_mut. Este problema de sincronización puede conllevar problemas de seguridad de la memoria a través de condiciones de carrera • https://github.com/rust-lang/rust/issues/51780 https://github.com/rust-lang/rust/pull/52031 • CWE-662: Improper Synchronization •
CVE-2015-20001
https://notcve.org/view.php?id=CVE-2015-20001
In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside sift_up or sift_down_range panics. This bug leads to a drop of zeroed memory as an arbitrary type, which can result in a memory safety violation. En la biblioteca estándar de Rust versiones anteriores a 1.2.0, BinaryHeap no es a prueba de pánico. La pila del binario es dejada en un estado inconsistente cuando la comparación de elementos genéricos dentro de la función sift_up o sift_down_range entra en pánico. • https://github.com/rust-lang/rust/issues/25842 https://github.com/rust-lang/rust/pull/25856 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2020-36317 – rust: memory safety violation in String::retain()
https://notcve.org/view.php?id=CVE-2020-36317
In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the same string. En la biblioteca estándar en Rust versiones anteriores a 1.49.0, la función String::retener() presenta un problema de seguridad de pánico. Permite una creación de una cadena Rust que no sea UTF-8 cuando el cierre provisto entra en pánico. • https://github.com/rust-lang/rust/issues/78498 https://github.com/rust-lang/rust/pull/78499 https://access.redhat.com/security/cve/CVE-2020-36317 https://bugzilla.redhat.com/show_bug.cgi?id=1949189 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2021-28878 – rust: memory safety violation in Zip implementation when next_back() and next() are used together
https://notcve.org/view.php?id=CVE-2021-28878
In the standard library in Rust before 1.52.0, the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used together. This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. En la biblioteca estándar en Rust versiones anteriores a 1.52.0, la implementación de Zip llama a la función __iterator_get_unchecked() más de una vez para el mismo índice (bajo determinadas condiciones) cuando las funciones next_back() y next() son usadas juntas. Este bug podría conllevar a una violación de seguridad de la memoria debido a un requisito de seguridad no cumplido para el rasgo TrustedRandomAccess • https://github.com/rust-lang/rust/issues/82291 https://github.com/rust-lang/rust/pull/82292 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CZ337CM4GFJLRDFVQCGC7J25V65JXOG5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFUO3URYCO73D2Q4WYJBWAMJWGGVXQO4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZG65GUW6Z2CYOQHF7T3TB5CZKIX6ZJE https://security.gentoo.org/glsa/202210-09 https://access.redhat • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •