GNU bug report logs - #47542
rust-stackvector package is vulnerable to CVE-2021-29939

Previous Next

Package: guix;

Reported by: Léo Le Bouter <lle-bout <at> zaclys.net>

Date: Thu, 1 Apr 2021 13:48:02 UTC

Severity: normal

Tags: fixed, security

Done: zimoun <zimon.toutoune <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: zimoun <zimon.toutoune <at> gmail.com>
To: Léo Le Bouter <lle-bout <at> zaclys.net>
Cc: 47542 <at> debbugs.gnu.org
Subject: bug#47542: rust-stackvector package is vulnerable to CVE-2021-29939
Date: Mon, 28 Jun 2021 10:06:10 +0200

Hi,

On Thu, 01 Apr 2021 at 15:47, Léo Le Bouter <lle-bout <at> zaclys.net> wrote:
> CVE-2021-29939	07:15
> An issue was discovered in the stackvector crate through 2021-02-19 for
> Rust. There is an out-of-bounds write in StackVec::extend if size_hint
> provides certain anomalous data.
>
> No fix released upstream yet:
> https://github.com/Alexhuszagh/rust-stackvector/issues/2
>
> Out of bounds write sounds like it could have dangerous consequences,
> not sure how likely is "size_hint provides certain anomalous data"
> though.

Thanks for the report.

Commit 015cd2e86e779907085d356c69b6091dc8ac1788 updating to 1.1.1 should
fix the security issue; as upstream said.  So, closing.

All the best,
simon

This bug report was last modified 3 years and 325 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #47542 rust-stackvector package is vulnerable to CVE-2021-29939

GNU bug report logs - #47542
rust-stackvector package is vulnerable to CVE-2021-29939