HistoryEditJSON (OSV)

RUSTSEC-2024-0400

ruzstd uninit and out-of-bounds memory reads

Reported
Issued
Package
ruzstd (crates.io)
Type
Vulnerability
Categories
References
Patched
  • >=0.7.3
Unaffected
  • <0.7.0

Description

Affected versions of ruzstd miscalculate the length of the allocated and init section of its internal RingBuffer, leading to uninitialized or out-of-bounds reads in copy_bytes_overshooting of up to 15 bytes.

This may result in up to 15 bytes of memory contents being written into the decoded data when decompressing a crafted archive. This may occur multiple times per archive.

Advisory available under CC0-1.0 license.