Reported

February 17, 2021

Issued

March 29, 2021 (last modified: June 13, 2023)

Package

telemetry (crates.io)

Type

Vulnerability

Categories

• memory-corruption

Keywords

#memory-safety

Aliases

• CVE-2021-29937
• GHSA-hpcx-3pw8-g3j2

References

• https://github.com/Yoric/telemetry.rs/issues/45

CVSS Score

9.8 CRITICAL

CVSS Details

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality Impact

High

Integrity Impact

High

Availability Impact

High

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Patched

no patched versions

Description

misc::vec_with_size creates a vector of the provided size and immediately calls vec.set_len(size) on it, initially filling it with uninitialized memory. It then inserts elements using vec[i] = value.clone().

If the value.clone() call panics, uninitialized items in the vector will be dropped leading to undefined behavior.

Advisory available under CC0-1.0 license.