OSV:RUSTSEC-2020-0037 (osv, Google)
Aug 31, 2020 - 12:00 p.m.

Misbehaving `HandleLike` implementation can lead to memory safety violation

2020-08-31 12:00:00
Google
osv.dev
Tags: handlelike, objectpool, handlepool, memory safety violation, toctou, bug

EPSS: 0.002 (percentile 60.7%)

Unsafe code in `ObjectPool` has a time-of-check to time-of-use (TOCTOU) bug that
can eventually lead to a memory safety violation. `ObjectPool` and `HandlePool`
implicitly assume that `HandleLike` trait methods are pure, i.e., that they always
return the same value. However, this assumption is unsound, since `HandleLike`
is a safe, public trait that allows a custom implementation.
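
The pattern described above, as an added illustration that is not the affected crate's code: `Pool`, `Plain`, `Flipping` and the single-method `HandleLike` trait below are hypothetical stand-ins. The flawed path only reports the index an unchecked access would use instead of performing it, and the hardened path reads the index once and uses a bounds-checked access.

```rust
use std::cell::Cell;

// Hypothetical single-method stand-in for a safe, public handle trait.
pub trait HandleLike {
    fn index(&self) -> usize;
}

// Well-behaved handle: index() is pure.
pub struct Plain(pub usize);
impl HandleLike for Plain {
    fn index(&self) -> usize { self.0 }
}

// Misbehaving handle in safe code only: first call differs from later calls.
pub struct Flipping { calls: Cell<usize>, first: usize, later: usize }
impl Flipping {
    pub fn new(first: usize, later: usize) -> Self {
        Flipping { calls: Cell::new(0), first, later }
    }
}
impl HandleLike for Flipping {
    fn index(&self) -> usize {
        let n = self.calls.get();
        self.calls.set(n + 1);
        if n == 0 { self.first } else { self.later }
    }
}

pub struct Pool<T> { slots: Vec<T> }

impl<T> Pool<T> {
    // Flawed pattern: one call for the bounds check, a second for the use.
    // Returns the index an unchecked access would dereference.
    pub fn index_after_check<H: HandleLike>(&self, h: &H) -> Option<usize> {
        if h.index() < self.slots.len() { Some(h.index()) } else { None }
    }
    // Hardened: read the index once, then use a bounds-checked access.
    pub fn get<H: HandleLike>(&self, h: &H) -> Option<&T> {
        let i = h.index();
        self.slots.get(i)
    }
}

fn main() {
    let pool = Pool { slots: vec![10, 20, 30] };
    let used = pool.index_after_check(&Flipping::new(0, 1_000));
    println!("check passed on 0, use site sees {:?} (len 3)", used);
    println!("hardened: {:?}", pool.get(&Flipping::new(0, 1_000)));
}
```

Because the trait is safe to implement, the soundness of any `unsafe` block must not depend on its methods returning consistent values; the alternative is to make the trait itself `unsafe` so that implementers carry that obligation.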
