Reported

February 12, 2021

Issued

February 15, 2021 (last modified: June 13, 2023)

Package

rand_core (crates.io)

Type

Vulnerability

Categories

• crypto-failure

Aliases

• CVE-2021-27378
• GHSA-w7j2-35mf-95p7

References

• https://github.com/rust-random/rand/pull/1096

CVSS Score

9.8 CRITICAL

CVSS Details

Attack vector

Network

Attack complexity

Low

Privileges required

None

User interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Patched

• >=0.6.2

Unaffected

• <0.6.0

Affected Functions

Version

rand_core::le::read_u32_into

• <0.6.2, >=0.6.0

rand_core::le::read_u64_into

• <0.6.2, >=0.6.0

Description

Summary: rand_core::le::read_u32_into and read_u64_into have incorrect checks on the source buffer length, allowing the destination buffer to be under-filled.

Implications: some downstream RNGs, including Hc128Rng (but not the more widely used ChaCha*Rng), allow seeding using the SeedableRng::from_seed trait-function with too short keys.

Advisory available under CC0-1.0 license.