RUSTSEC-2021-0023

Incorrect check on buffer length when seeding RNGs

Issued
Package
rand_core (crates.io)
Type
Vulnerability
Categories
  • crypto-failure
Aliases
Details
https://github.com/rust-random/rand/pull/1096
Patched
  • >=0.6.2
Unaffected
  • <0.6.0
Affected Functions
Version
rand_core::le::read_u32_into
  • <0.6.2, >=0.6.0
rand_core::le::read_u64_into
  • <0.6.2, >=0.6.0

Description

Summary: rand_core::le::read_u32_into and read_u64_into have incorrect checks on the source buffer length, allowing the destination buffer to be under-filled.

Implications: some downstream RNGs, including Hc128Rng (but not the more widely used ChaCha*Rng), allow seeding using the SeedableRng::from_seed trait-function with too short keys.

More