RUSTSEC-2024-0408 – pprof

Package

Manager: cargo
Name: pprof
Vulnerable Version: >=0.0.0-0 <0.14.0

Severity

Level: Low

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:R

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

EPSS: N/A pctlN/A

Details

Unsound usages of `std::slice::from_raw_parts` The library breaks the safety assumptions when using unsafe API `std::slice::from_raw_parts`. First, when using the API in iterator implementation (`TempFdArrayIterator.next`), generic type could be any type, which would create and pass a misaligned pointer to the unsafe API. Second, when validating the address, the code passed the type `c_void`, which could also be any type, leading to potential uninitialized memory exposure. Two unsound usages here highlight the necessity for developers to perform type checks before doing type conversion with unsafe API. The panic caused by the misalignment causes several downstream applications (e.g., `greptimedb`) to crash when using `pprof::report::ReportBuilder::build`. This was patched in 0.14.0. The developer also suggested moving to [pprof2](https://crates.io/crates/pprof2).

Metadata

Created: 2024-12-04T12:00:00Z
Modified: 2024-12-05T04:00:56Z
Source: https://osv-vulnerabilities
CWE IDs: N/A
Alternative ID: N/A
Finding: F138
Auto approve: 1