RUSTSEC-2020-0152

ImmediateIO and TransactionalIO can cause data races

Issued
Package
max7301 (crates.io)
Type
Vulnerability
Categories
  • memory-corruption
Details
https://github.com/edarc/max7301/issues/1
Patched
  • >=0.2.0
Keywords
  • concurrency

Description

The ImmediateIO and TransactionalIO types implement Sync for all contained Expander<EI> types regardless of if the Expander itself is safe to use across threads.

As the IO types allow retrieving the Expander, this can lead to non-thread safe types being sent across threads as part of the Expander leading to data races.

More