CVE-2020-36323

April 27, 2021

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.

Summary:

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.

Reference Links(if available):

  • https://github.com/rust-lang/rust/issues/80335
  • https://github.com/rust-lang/rust/pull/81728
  • https://github.com/rust-lang/rust/pull/81728#issuecomment-821549174
  • https://lists.fedoraproject.org/archives/list/[email protected]/message/CZ337CM4GFJLRDFVQCGC7J25V65JXOG5/
  • https://github.com/rust-lang/rust/pull/81728#issuecomment-824904190

    • CVSS Score (if available)

    v2: / HIGHAV:N/AC:L/Au:N/C:P/I:N/A:P

    v3: / HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

    Links to Exploits(if available)

  • Tags: , , , ,

    You may have missed

    CISA Logo

    CISA: Juniper Releases Security Bulletin for Multiple Juniper Products

    April 24, 2024
    CISA Logo

    CISA: Joint Guidance on Deploying AI Systems Securely

    April 24, 2024
    CISA Logo

    CISA: CISA Releases Four Industrial Control Systems Advisories

    April 24, 2024
    CISA Logo

    CISA: CISA Releases Three Industrial Control Systems Advisories

    April 24, 2024
    CISA Logo

    CISA: Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS, CVE-2024-3400

    April 24, 2024