PT-2020-17553 · Rust · Miow

Published: 2020-11-13 · Updated: 2021-08-25 · CVE-2020-35921

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

miow crate versions prior to 0.3.6

Description

The miow crate assumes that the memory representation of std::net::SocketAddrV4 and std::net::SocketAddrV6 is the same as the system C representation sockaddr. Based on this assumption, it converts socket addresses to the system representation by simply casting pointers. However, the standard library does not guarantee a specific memory layout, so any change to its implementation could result in invalid memory access without warnings or errors.

Recommendations

For versions prior to 0.3.6, update to version 0.3.6 or later to resolve the issue.
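
An added illustration of the issue described above, not code from miow or from this advisory: instead of casting a SocketAddrV4 pointer to the C type, the C structure is built field by field through the public API. `CSockAddrIn` and `AF_INET` are constructed here to mirror Linux's `struct sockaddr_in` (an assumption; real code would take these definitions from the `libc` or `winapi` crate).

```rust
use std::net::{Ipv4Addr, SocketAddrV4};

// Constructed mirror of the C `struct sockaddr_in` as laid out on Linux
// (assumption; real code would take this type from the libc or winapi crate).
#[repr(C)]
#[derive(Debug, Clone, Copy, PartialEq)]
pub struct CSockAddrIn {
    pub sin_family: u16,   // address family, host byte order
    pub sin_port: u16,     // port, network byte order
    pub sin_addr: [u8; 4], // IPv4 address, network byte order
    pub sin_zero: [u8; 8], // padding up to sizeof(struct sockaddr)
}

pub const AF_INET: u16 = 2; // value on Linux and Windows

// Unsound pattern the advisory describes, shown only as a comment:
//     let p = addr as *const SocketAddrV4 as *const CSockAddrIn;
// It compiles without warnings, yet SocketAddrV4 has no guaranteed layout.

/// Layout-independent conversion: read the address through the public API
/// and write every C field explicitly.
pub fn to_c_sockaddr(addr: &SocketAddrV4) -> CSockAddrIn {
    CSockAddrIn {
        sin_family: AF_INET,
        sin_port: addr.port().to_be(),
        sin_addr: addr.ip().octets(),
        sin_zero: [0; 8],
    }
}

/// Inverse conversion, for addresses handed back by the OS.
pub fn from_c_sockaddr(raw: &CSockAddrIn) -> Option<SocketAddrV4> {
    if raw.sin_family != AF_INET {
        return None; // refuse to reinterpret another address family
    }
    let ip = Ipv4Addr::from(raw.sin_addr);
    Some(SocketAddrV4::new(ip, u16::from_be(raw.sin_port)))
}

fn main() {
    let addr = SocketAddrV4::new(Ipv4Addr::new(127, 0, 0, 1), 8080);
    let raw = to_c_sockaddr(&addr);
    println!("{:?} -> {:?}", addr, raw);
    assert_eq!(from_c_sockaddr(&raw), Some(addr));
}
```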

Related Identifiers

CVE-2020-35921
GHSA-JRCF-4JP8-M28V
RUSTSEC-2020-0080

Affected Products

Miow