Rust · Signal-Simple Crate · CVE-2020-36446
**Name of the Vulnerable Software and Affected Versions**
signal-simple crate versions through 2020-11-15
**Description**
An issue was discovered in the signal-simple crate where there are unconditional implementations of Send and Sync for SyncChannel<T>. This allows users to create undefined behavior in safe Rust by sending T: !Send to other threads with SyncChannel::send/recv APIs. Using T = Arc<Cell<_>> can lead to data races and memory corruption, while using T = MutexGuard<T> can allow unlocking a mutex from a thread that didn't lock it.
**Recommendations**
For signal-simple crate versions through 2020-11-15, consider avoiding the use of SyncChannel<T> with types that are not Send, such as Arc<Cell<_>> or MutexGuard<T>, to prevent undefined behavior and potential memory corruption. As a temporary workaround, consider restricting the use of SyncChannel::send/recv APIs until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
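
The unconditional Send/Sync implementations from the description, set beside implementations bounded on T: Send, as an added example that is not code from the signal-simple crate. `UnsoundChannel`, `BoundedChannel`, `Fallback` and `Probe` are hypothetical stand-ins; the probe reports which auto traits the compiler grants, so the flaw shows up without executing any undefined behavior.

```rust
use std::cell::Cell;
use std::collections::VecDeque;
use std::marker::PhantomData;
use std::sync::{Arc, Mutex, MutexGuard};
use std::thread;

// Flawed pattern from the advisory: Send/Sync promised for every T.
pub struct UnsoundChannel<T>(PhantomData<*mut T>);
unsafe impl<T> Send for UnsoundChannel<T> {}
unsafe impl<T> Sync for UnsoundChannel<T> {}

// Bounded pattern: values cross threads as owned T, so both impls need T: Send.
pub struct BoundedChannel<T> { queue: Mutex<VecDeque<T>>, _raw: PhantomData<*mut T> }
unsafe impl<T: Send> Send for BoundedChannel<T> {}
unsafe impl<T: Send> Sync for BoundedChannel<T> {}

impl<T> BoundedChannel<T> {
    pub fn new() -> Self { Self { queue: Mutex::new(VecDeque::new()), _raw: PhantomData } }
    pub fn send(&self, v: T) { self.queue.lock().unwrap().push_back(v); }
    pub fn recv(&self) -> Option<T> { self.queue.lock().unwrap().pop_front() }
}

// Auto-trait probe: the inherent const is chosen when its bound holds,
// otherwise lookup falls back to the blanket trait default (false).
pub trait Fallback { const SEND: bool = false; const SYNC: bool = false; }
impl<T: ?Sized> Fallback for T {}
pub struct Probe<T: ?Sized>(PhantomData<T>);
impl<T: ?Sized + Send> Probe<T> { pub const SEND: bool = true; }
impl<T: ?Sized + Sync> Probe<T> { pub const SYNC: bool = true; }

type Racy = Arc<Cell<u32>>;            // !Send because Cell is !Sync
type Guard = MutexGuard<'static, u32>; // !Send: must be dropped by the locking thread
pub fn unsound_accepts_non_send() -> bool {
    <Probe<UnsoundChannel<Racy>>>::SEND && <Probe<UnsoundChannel<Guard>>>::SEND
}
pub fn bounded_rejects_non_send() -> bool {
    !<Probe<BoundedChannel<Racy>>>::SEND && !<Probe<BoundedChannel<Racy>>>::SYNC
        && !<Probe<BoundedChannel<Guard>>>::SEND
}
pub fn round_trip() -> Option<String> {
    let ch = Arc::new(BoundedChannel::<String>::new());
    let tx = Arc::clone(&ch);
    thread::spawn(move || tx.send(String::from("ok"))).join().unwrap();
    ch.recv() // a Send payload still crosses threads normally
}

fn main() {
    println!("{} {} {:?}", unsound_accepts_non_send(), bounded_rejects_non_send(), round_trip());
}
```

With the bounded impls, moving a channel of Arc<Cell<_>> or MutexGuard<T> into another thread is a compile error instead of undefined behavior at run time.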