HistoryEdit

RUSTSEC-2021-0023

Incorrect check on buffer length when seeding RNGs

Reported
Issued
Package
rand_core (crates.io)
Type
Vulnerability
Categories
Aliases
Details
https://github.com/rust-random/rand/pull/1096
CVSS Score
9.8 CRITICAL
CVSS Details
Attack vector
Network
Attack complexity
Low
Privileges required
None
User interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Patched
  • >=0.6.2
Unaffected
  • <0.6.0
Affected Functions
Version
rand_core::le::read_u32_into
  • <0.6.2, >=0.6.0
rand_core::le::read_u64_into
  • <0.6.2, >=0.6.0

Description

Summary: rand_core::le::read_u32_into and read_u64_into have incorrect checks on the source buffer length, allowing the destination buffer to be under-filled.

Implications: some downstream RNGs, including Hc128Rng (but not the more widely used ChaCha*Rng), allow seeding using the SeedableRng::from_seed trait-function with too short keys.