PT-2019-5079 · Rust+1 · Rust Programming Language Standard Library+1

Sean Mcarthur

·

Publicado

2019-05-13

·

Atualizado

2024-06-15

·

CVE-2019-12083

CVSS v3.1

8.1

Alta

VetorAV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions The Rust Programming Language Standard Library versions 1.34.x through 1.34.1 The Rust Programming Language Standard Library version 1.34.0
Description The issue is related to the Error::type id method in the Rust programming language, which can lead to memory unsafety if overridden. This can cause memory safety vulnerabilities, such as out-of-bounds write or read, in safe code. The estimated number of potentially affected devices worldwide is not available.
Recommendations For The Rust Programming Language Standard Library versions 1.34.x through 1.34.1, update to version 1.34.2 or later to resolve the issue. For The Rust Programming Language Standard Library version 1.34.0, update to version 1.34.2 or later to resolve the issue. As a temporary workaround, consider avoiding the override of the Error::type id method until a patch is available.

Exploit

Correção

Buffer Overflow

Out of bounds Read

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119CWE-125CWE-787

Identificadores relacionados

BDU:2020-01730
CVE-2019-12083
OPENSUSE-SU-2019:2203-1
OPENSUSE-SU-2019:2244-1
OPENSUSE-SU-2019:2294-1
OPENSUSE-SU-2019_2203-1
OPENSUSE-SU-2019_2244-1
OPENSUSE-SU-2019_2294-1
OPENSUSE-SU-2024:11359-1
OPENSUSE-SU-2024:11360-1
SUSE-SU-2019:2439-1
SUSE-SU-2019:2755-1

Produtos afetados

Rust Programming Language Standard Library
Suse