Vulnerability DatabaseWS-2023-0048
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
WS-2023-0048
November 03, 2024
Affected versions of this crate were using a debug assertion to validate the last parameter of partial_sort(). This would allow invalid inputs to cause an out-of-bounds read instead of immediately panicking, when compiled without debug assertions. All writes are bounds-checked, so the out-of-bounds memory access is read-only. This also means that the first attempted out-of-bounds write will panic, limiting the possible reads. The accessible region is further limited by an initial bounds-checked read at (last / 2) - 1, i.e., it is proportional to the size of the vector. This bug has been fixed in v0.2.0.
Related ResourcesĀ (4)
https://github.com/sundy-li/partial_sort
https://github.com/sundy-li/partial_sort/commit/8e3e1d6c673ad4fabda667d9c967bee94475aa64
https://github.com/sundy-li/partial_sort/issues/7
https://rustsec.org/advisories/RUSTSEC-2023-0016.html
Do you need more information?
Contact Us
CVSS v4
Base Score:
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
PASSIVE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
NONE
Vulnerable System Availability
NONE
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
LOW
Integrity
NONE
Availability
NONE
Weakness Type (CWE)
Out-of-bounds Read
CWE-125