PT-2020-13660 · Rust Vmm · Rust-Vmm Vm-Memory

Published

2020-06-02

Updated

2021-08-25

CVE-2020-13759

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions rust-vmm vm-memory versions 0.1.0 through 0.1.1 and 0.2.x before 0.2.1

Description The issue allows attackers to cause a denial of service, specifically a loss of IP networking, due to improper memory access by the read obj and write obj functions. This affects systems with specific architectures and libraries, including aarch64 with musl or glibc, and x86 64 with musl.

Recommendations For versions 0.1.0 through 0.1.1, update to version 0.1.1 or later. For versions 0.2.x before 0.2.1, update to version 0.2.1 or later.

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-662CWE-362

Related Identifiers

CVE-2020-13759

GHSA-MM4M-QG48-F7WC

RUSTSEC-2020-0157

Affected Products

Rust-Vmm Vm-Memory

PT-2020-13660 · Rust Vmm · Rust-Vmm Vm-Memory

CVE-2020-13759

Weakness Enumeration

Related Identifiers

Affected Products

References · 10