Skip to content

`ruzstd` uninit and out-of-bounds memory reads

Moderate severity GitHub Reviewed Published Dec 2, 2024 to the GitHub Advisory Database

Package

cargo ruzstd (Rust)

Affected versions

>= 0.7.0, < 0.7.3

Patched versions

0.7.3

Description

Affected versions of ruzstd miscalculate the length of the allocated and init section of its internal RingBuffer, leading to uninitialized or out-of-bounds reads in copy_bytes_overshooting of up to 15 bytes.

This may result in up to 15 bytes of memory contents being written into the decoded data when decompressing a crafted archive. This may occur multiple times per archive.

References

Published to the GitHub Advisory Database Dec 2, 2024
Reviewed Dec 2, 2024

Severity

Moderate

Weaknesses

CVE ID

No known CVE

GHSA ID

GHSA-x3f4-45xf-rjm7

Source code

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.