PT-2021-16993 · Raw-Cpuid · Raw-Cpuid

Published 2021-01-20 · Updated 2022-07-12 · CVE-2021-26306

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

raw-cpuid crate versions prior to 9.0.0

Description

The issue is related to unsound transmute calls within as_string() methods in the raw-cpuid crate for Rust. Specifically, VendorInfo::as_string(), SoCVendorBrand::as_string(), and ExtendedFunctionInfo::processor_brand_string() construct byte slices using std::slice::from_raw_parts() with data coming from #[repr(Rust)] structs, which is always undefined behavior. Additionally, native_cpuid::cpuid_count() exposes the unsafe __cpuid_count() intrinsic without checking the safety requirement that the CPU supports the function being called. This issue is mitigated by the fact that affected programs are expected to crash deterministically every time.

Recommendations

For versions prior to 9.0.0, update to version 9.0.0 or later, which fixes the issue by making the relevant structs #[repr(C)] and intentionally breaking compilation when targeting affected CPUs. As a temporary workaround, consider avoiding the use of as_string() methods and the native_cpuid::cpuid_count() function until the issue is resolved.
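The layout fix described above, shown as an added example that is not the raw-cpuid crate's own code: VendorRegs, as_str_raw, to_string_safe and sample are hypothetical names, and the register values are constructed. It shows a byte view that is sound only because the struct is #[repr(C)] with a compile-time size check, next to a layout-independent version that needs no unsafe code.

```rust
use std::{mem, slice, str};

// Hypothetical stand-in for the crate's vendor struct (names are assumptions).
// #[repr(C)] fixes the field order; three u32 fields leave no padding,
// so the struct is exactly 12 initialized bytes.
#[repr(C)]
#[derive(Clone, Copy)]
pub struct VendorRegs {
    ebx: u32,
    edx: u32,
    ecx: u32,
}

// Compile-time layout check: the build fails if the size assumption breaks.
const _: () = assert!(mem::size_of::<VendorRegs>() == 12);

impl VendorRegs {
    /// Byte view that relies on the #[repr(C)] layout guaranteed above.
    pub fn as_str_raw(&self) -> Option<&str> {
        // SAFETY: repr(C), three u32 fields, no padding, size checked above;
        // the slice borrows `self`, so it cannot outlive the struct.
        let bytes = unsafe {
            slice::from_raw_parts(self as *const Self as *const u8, mem::size_of::<Self>())
        };
        // Reject non-UTF-8 register contents instead of assuming valid text.
        str::from_utf8(bytes).ok()
    }

    /// Layout-independent alternative with no unsafe code at all.
    pub fn to_string_safe(&self) -> Option<String> {
        let mut buf = [0u8; 12];
        for (chunk, reg) in buf.chunks_exact_mut(4).zip([self.ebx, self.edx, self.ecx]) {
            chunk.copy_from_slice(&reg.to_le_bytes());
        }
        String::from_utf8(buf.to_vec()).ok()
    }
}

// Constructed sample: register values spelling "GenuineIntel".
pub fn sample() -> VendorRegs {
    VendorRegs { ebx: 0x756e_6547, edx: 0x4965_6e69, ecx: 0x6c65_746e }
}

fn main() {
    let v = sample();
    println!("{:?} {:?}", v.as_str_raw(), v.to_string_safe());
}
```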

Fix

Resource Exhaustion

Weakness Enumeration

Related Identifiers

CVE-2021-26306
GHSA-HVQC-PC78-X9WH
GHSA-JRF8-CMGG-GV2M
RUSTSEC-2021-0013

Affected Products

Raw-Cpuid