Issued

January 4, 2021

Package

fil-ocl (crates.io)

Type

Vulnerability

Categories

• memory-corruption

Aliases

• CVE-2021-25908

Details

https://github.com/cogciprocate/ocl/issues/194

Patched

no patched versions

Unaffected

• <0.12.0

Keywords

• memory-safety
• double-free

Description

Affected versions of this crate read from a container using ptr::read in From<EventList>, and then call a user specified Into<Event> function.

This issue can result in a double-free if the user provided function panics.

More

• Advisory History
• Edit Advisory