PT-2020-17578 · Rust · Aovec

Published 2020-12-10 · Updated 2021-08-25

CVE-2020-36207

CVSS v3.1: 7.0 High

Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

aovec crate through 2020-12-10

Description

The issue concerns the aovec crate, which implements the Send and Sync traits for all types T without proper bounds. This allows non-Send types, such as Rc, and non-Sync types, such as Cell, to be used across thread boundaries, potentially triggering undefined behavior and memory corruption due to data races.

Recommendations

For the aovec crate through 2020-12-10, consider restricting the use of aovec::Aovec<T> with non-Send or non-Sync types to prevent data races and memory corruption. As a temporary workaround, avoid using aovec::Aovec<T> with types like Rc and Cell across thread boundaries until a proper fix is implemented. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
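The pattern named in the Description, shown next to a bounded form, as an added example that is not code from the aovec crate or from this advisory. UnboundedVec, BoundedVec, Probe and the chosen bounds are hypothetical stand-ins; the probe reports at compile time which instantiations the compiler accepts as Send and Sync.

```rust
use std::cell::Cell;
use std::marker::PhantomData;
use std::rc::Rc;

// Hypothetical stand-ins for a container like Aovec<T>; the raw pointer field
// disables the auto-derived Send/Sync so the manual impls below decide.
#[allow(dead_code)]
pub struct UnboundedVec<T>(*mut T);
#[allow(dead_code)]
pub struct BoundedVec<T>(*mut T);

// Unsound pattern from the advisory: Send and Sync for all T, no bounds.
unsafe impl<T> Send for UnboundedVec<T> {}
unsafe impl<T> Sync for UnboundedVec<T> {}

// Bounded form (assumed fix): moving the container moves its T values, and
// sharing it lets other threads both insert T and read &T.
unsafe impl<T: Send> Send for BoundedVec<T> {}
unsafe impl<T: Send + Sync> Sync for BoundedVec<T> {}

// Compile-time probe: the inherent const wins when the bound holds, otherwise
// resolution falls back to the blanket trait default (false).
trait Fallback { const SEND: bool = false; const SYNC: bool = false; }
impl<T: ?Sized> Fallback for T {}
#[allow(dead_code)]
struct Probe<T: ?Sized>(PhantomData<T>);
impl<T: ?Sized + Send> Probe<T> { const SEND: bool = true; }
impl<T: ?Sized + Sync> Probe<T> { const SYNC: bool = true; }

// Expands to (is Send, is Sync) for a concrete type.
macro_rules! flags { ($t:ty) => { (<Probe<$t>>::SEND, <Probe<$t>>::SYNC) }; }

pub fn unbounded_rc() -> (bool, bool) { flags!(UnboundedVec<Rc<u8>>) }
pub fn unbounded_cell() -> (bool, bool) { flags!(UnboundedVec<Cell<u8>>) }
pub fn bounded_rc() -> (bool, bool) { flags!(BoundedVec<Rc<u8>>) }
pub fn bounded_cell() -> (bool, bool) { flags!(BoundedVec<Cell<u8>>) }
pub fn bounded_u8() -> (bool, bool) { flags!(BoundedVec<u8>) }

fn main() {
    println!("UnboundedVec<Rc<u8>>   (Send, Sync) = {:?}", unbounded_rc());
    println!("UnboundedVec<Cell<u8>> (Send, Sync) = {:?}", unbounded_cell());
    println!("BoundedVec<Rc<u8>>     (Send, Sync) = {:?}", bounded_rc());
    println!("BoundedVec<Cell<u8>>   (Send, Sync) = {:?}", bounded_cell());
    println!("BoundedVec<u8>         (Send, Sync) = {:?}", bounded_u8());
}
```

With the bounds in place, code that tries to move a `BoundedVec<Rc<_>>` into `std::thread::spawn` is rejected at compile time instead of compiling into a data race.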

Memory Corruption

Weakness Enumeration

Related Identifiers

CVE-2020-36207
GHSA-G489-XRW3-3V8W
RUSTSEC-2020-0099

Affected Products

Aovec