Reported

January 23, 2022

Issued

January 24, 2022

Package

thread_local (crates.io)

Type

Vulnerability

Categories

• memory-corruption

Details

https://github.com/Amanieu/thread_local-rs/issues/33

Patched

• >=1.1.4

Description

In the affected version of this crate, {Iter, IterMut}::next used a weaker memory ordering when loading values than what was required, exposing a potential data race when iterating over a ThreadLocal's values.

Crates using Iter::next, or IterMut::next are affected by this issue.