HistoryEdit

CVE-2021-28875

Logic bug in Read can cause buffer overflow in read_to_end()

Issued
Package
std
Type
Vulnerability
Categories
Details
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28875
Patched
  • >=1.50.0
Unaffected
  • <1.20.0

Description

In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow.