- Reported
-
- Issued
-
- Package
-
zerocopy
(crates.io)
- Type
-
Vulnerability
- Keywords
-
#ref
#refcell
#mutable-aliasing
- Aliases
-
- References
-
- Patched
-
>=0.2.9, <0.3.0>=0.3.2, <0.4.0>=0.4.1, <0.5.0>=0.5.2, <0.6.0>=0.6.6, <0.7.0>=0.7.31
- Unaffected
-
- Affected Functions
- Version
zerocopy::Ref::into_mut-
>=0.2.2, <0.2.9>=0.3.0, <0.3.2>=0.4.0, <0.4.1>=0.5.0, <0.5.2>=0.6.0, <0.6.6>=0.7.0, <0.7.31
zerocopy::Ref::into_mut_slice-
>=0.2.2, <0.2.9>=0.3.0, <0.3.2>=0.4.0, <0.4.1>=0.5.0, <0.5.2>=0.6.0, <0.6.6>=0.7.0, <0.7.31
zerocopy::Ref::into_ref-
>=0.2.2, <0.2.9>=0.3.0, <0.3.2>=0.4.0, <0.4.1>=0.5.0, <0.5.2>=0.6.0, <0.6.6>=0.7.0, <0.7.31
zerocopy::Ref::into_slice-
>=0.2.2, <0.2.9>=0.3.0, <0.3.2>=0.4.0, <0.4.1>=0.5.0, <0.5.2>=0.6.0, <0.6.6>=0.7.0, <0.7.31
Description
The Ref methods into_ref, into_mut, into_slice, and into_slice_mut are unsound
and may allow safe code to exhibit undefined behavior when used with Ref<B, T> where B
is cell::Ref or
cell::RefMut. Note that these
methods remain sound when used with B types other than cell::Ref or cell::RefMut.
See https://github.com/google/zerocopy/issues/716 for a more in-depth analysis.
The current plan is to yank the affected versions soon. See
https://github.com/google/zerocopy/issues/679 for more detail.
Advisory available under CC0-1.0
license.