Reported

October 8, 2021

Issued

October 18, 2021 (last modified: June 13, 2023)

Package

crypto2 (crates.io)

Type

INFO Unsound

Keywords

#crypto #alignment #unsound

Aliases

• CVE-2021-45709
• GHSA-9hfg-pxr6-q4vp
• GHSA-pmcv-mgcf-rvxg

References

• https://github.com/shadowsocks/crypto2/issues/27

Patched

no patched versions

Affected Functions

Version

crypto2::streamcipher::Chacha20::decrypt_slice

• *

crypto2::streamcipher::Chacha20::encrypt_slice

• *

crypto2::streamcipher::xor_si512_inplace

• *

Description

The implementation does not enforce alignment requirements on input slices while incorrectly assuming 4-byte alignment through an unsafe call to std::slice::from_raw_parts_mut, which breaks the contract and introduces undefined behavior.

This affects Chacha20 encryption and decryption in crypto2.

Advisory available under CC0-1.0 license.