- Reported
-
- Issued
-
- Package
-
mnl
(crates.io)
- Type
-
Vulnerability
- Categories
-
- Aliases
-
- References
-
- Patched
-
no patched versions
Description
The function mnl::cb_run is marked as safe but exhibits unsound behavior when processing malformed Netlink message buffers.
Passing a crafted byte slice to mnl::cb_run can trigger memory violations. The function does not sufficiently validate the input buffer structure before processing, leading to out-of-bounds reads.
This vulnerability allows an attacker to cause a Denial of Service (segmentation fault) or potentially read unmapped memory by providing a malformed Netlink message.
Advisory available under CC0-1.0
license.