PT-2020-17646 · Rust · Heapless

Published

2020-11-02

Updated

2021-08-25

CVE-2020-36464

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions heapless crate versions prior to 0.6.1

Description The issue arises from the IntoIter Clone implementation, which clones the entire underlying Vec without considering whether it has already been partially consumed. This can lead to a use-after-free access if the iterator is partially consumed, as the consumed items will be copied. A proof of concept is available, demonstrating the potential for exploitation.

Recommendations For versions prior to 0.6.1, update to version 0.6.1 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the Clone implementation on partially consumed IntoIter instances to minimize the risk of exploitation.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

CVE-2020-36464

GHSA-QGWF-R2JJ-2CCV

RUSTSEC-2020-0145

Affected Products

Heapless

PT-2020-17646 · Rust · Heapless

CVE-2020-36464

Weakness Enumeration

Related Identifiers

Affected Products

References · 10