CVE-2018-25008

Insufficient synchronization in Arc::get_mut

Reported

June 25, 2018

Issued

July 6, 2021

Package

std

Type

Vulnerability

Categories

thread-safety

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25008

Patched

>=1.29.0

Unaffected

<1.3.0

Description

In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::get_mut method. This synchronization issue can be lead to memory safety issues through race conditions.

Advisory available under CC0-1.0 license.