CVE-2020-35903 dync

Package

Manager: cargo
Name: dync
Vulnerable Version: >=0 <0.5.0

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS: 0.00054 (percentile 0.16689)

Details

Out of bounds read in dync. VecCopy::data is created as a Vec of u8 but can be used to store and retrieve elements of different types, leading to misaligned access. The issue was resolved in v0.5.0 by replacing the Vec<u8> that stored the data with a custom managed pointer. Elements are now stored and retrieved using types with proper alignment corresponding to the original types.
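The alignment problem described above, shown as an added Rust example that is not code from dync or from the advisory. It shows that a byte buffer does not guarantee a `u64`'s alignment, a bounds-checked read that makes no alignment assumption, and storage allocated with the element type's own layout. All function names are hypothetical and the sample buffer is constructed.

```rust
use std::alloc::{alloc, dealloc, Layout};
use std::mem::align_of;

/// True when `ptr` meets the alignment requirement of `T`.
fn is_aligned_for<T>(ptr: *const u8) -> bool {
    (ptr as usize) % align_of::<T>() == 0
}

/// Counts how many of the first `align_of::<T>()` byte offsets are aligned for `T`.
fn aligned_offsets<T>(bytes: &[u8]) -> usize {
    (0..align_of::<T>().min(bytes.len()))
        .filter(|&off| is_aligned_for::<T>(bytes[off..].as_ptr()))
        .count()
}

/// Safe retrieval from a byte buffer: bounds-checked, no alignment assumption.
fn read_u64_at(bytes: &[u8], off: usize) -> Option<u64> {
    let end = off.checked_add(8)?;
    let mut chunk = [0u8; 8];
    chunk.copy_from_slice(bytes.get(off..end)?); // None if out of bounds
    Some(u64::from_ne_bytes(chunk))
}

/// Storage allocated with the element type's own layout, then read back.
/// Returns (allocation was aligned for u64, values read back).
fn aligned_roundtrip(values: &[u64]) -> (bool, Vec<u64>) {
    if values.is_empty() {
        return (true, Vec::new()); // zero-size allocation is not allowed
    }
    let layout = Layout::array::<u64>(values.len()).expect("layout overflow");
    // SAFETY: layout has non-zero size; the pointer is null-checked, accessed only
    // within `values.len()` elements, and freed with the same layout.
    unsafe {
        let p = alloc(layout) as *mut u64;
        assert!(!p.is_null(), "allocation failed");
        let ok = is_aligned_for::<u64>(p as *const u8);
        std::ptr::copy_nonoverlapping(values.as_ptr(), p, values.len());
        let out = std::slice::from_raw_parts(p, values.len()).to_vec();
        dealloc(p as *mut u8, layout);
        (ok, out)
    }
}

fn main() {
    let mut bytes = vec![0u8; 16]; // constructed sample buffer
    bytes[3..11].copy_from_slice(&0x1122_3344_5566_7788u64.to_ne_bytes());
    println!("aligned offsets for u64: {}", aligned_offsets::<u64>(&bytes));
    println!("{:?} {:?}", read_u64_at(&bytes, 3), read_u64_at(&bytes, 12));
}
```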

Metadata

Created: 2021-08-25T20:49:47Z
Modified: 2023-06-13T17:12:14Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-qxjq-v4wf-ppvh/GHSA-qxjq-v4wf-ppvh.json
CWE IDs: ["CWE-125"]
Alternative ID: GHSA-qxjq-v4wf-ppvh
Finding: F111
Auto approve: 1