PT-2021-21999 · Tokio · Tokio

CVE-2021-38191

·

Published

2021-07-07

·

Updated

2022-11-03

CVSS v3.1

5.9

Medium

VectorAV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: tokio crate versions prior to 1.8.1
Description: An issue was discovered in the tokio crate where upon a JoinHandle::abort, a Task may be dropped in the wrong thread. This occurs when aborting a task with JoinHandle::abort and the future is dropped in the thread calling abort if the task is not currently being executed, which is incorrect for tasks spawned on a LocalSet. This can result in race conditions, particularly since many projects use Rc or RefCell in their Tokio tasks for better performance.
Recommendations: For versions prior to 1.8.1, update to version 1.8.1 or later to resolve the issue. As a temporary workaround, consider avoiding the use of JoinHandle::abort for tasks spawned on a LocalSet until a patch is available. Restrict access to tasks that utilize Rc or RefCell to minimize the risk of exploitation.

Exploit

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2021-38191
GHSA-2GRH-HM3W-W7HV
OPENSUSE-SU-2024:11751-1
RUSTSEC-2021-0072

Affected Products

Tokio