RUSTSEC-2018-0013

Vec-to-vec transmutations could lead to heap overflow/corruption

Reported

November 27, 2018

Issued

October 2, 2020 (last modified: October 19, 2021)

Package

safe-transmute (crates.io)

Type

Vulnerability

Keywords

#memory-corruption

Aliases

CVE-2018-21000

Details

https://github.com/nabijaczleweli/safe-transmute-rs/pull/36

CVSS Score

9.8 CRITICAL

CVSS Details

Attack vector: Network
Attack complexity: Low
Privileges required: None
User interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Patched

>=0.10.1

Unaffected

<0.4.0

Description

Affected versions of this crate switched the length and capacity arguments in the Vec::from_raw_parts() constructor, which could lead to memory corruption or data leakage.

The flaw was corrected by using the constructor correctly.