
Zerocopy: Some Ref methods are unsound with some type parameters

Moderate severity GitHub Reviewed Published Dec 18, 2023 to the GitHub Advisory Database • Updated Dec 18, 2023

Package

cargo zerocopy (Rust)

Affected versions

>= 0.2.2, < 0.2.9
>= 0.3.0, < 0.3.2
>= 0.4.0, < 0.4.1
>= 0.5.0, < 0.5.2
>= 0.6.0, < 0.6.6
>= 0.7.0, < 0.7.31

Patched versions

0.2.9
0.3.2
0.4.1
0.5.2
0.6.6
0.7.31

Description

The Ref methods into_ref, into_mut, into_slice, and into_slice_mut are unsound and may allow safe code to exhibit undefined behavior when used with Ref<B, T> where B is cell::Ref or cell::RefMut. Note that these methods remain sound when used with B types other than cell::Ref or cell::RefMut.

See google/zerocopy#716 for a more in-depth analysis.

The current plan is to yank the affected versions soon. See google/zerocopy#679 for more detail.
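
To check whether a project pins one of the affected releases, the sketch below scans Cargo.lock text for zerocopy entries and compares them against the version ranges listed above. It is an added example, not code from the advisory or the zerocopy project; the function names and the sample lock file are constructed for illustration.

```rust
// Added example. Rows: (major, minor, first affected patch, patched patch), from the advisory.
const RANGES: [(u64, u64, u64, u64); 6] = [
    (0, 2, 2, 9), (0, 3, 0, 2), (0, 4, 0, 1), (0, 5, 0, 2), (0, 6, 0, 6), (0, 7, 0, 31),
];

/// Parse a plain "MAJOR.MINOR.PATCH" string; anything else (e.g. a pre-release) yields None.
fn parse_version(v: &str) -> Option<(u64, u64, u64)> {
    let p: Vec<u64> = v.split('.').map(|s| s.parse().ok()).collect::<Option<_>>()?;
    if p.len() == 3 { Some((p[0], p[1], p[2])) } else { None }
}

/// If the version is in an affected range, return the patched release on the same line.
fn patched_for((maj, min, pat): (u64, u64, u64)) -> Option<String> {
    RANGES.iter().find(|r| r.0 == maj && r.1 == min && pat >= r.2 && pat < r.3)
        .map(|r| format!("{}.{}.{}", r.0, r.1, r.3))
}

/// Scan Cargo.lock text; return (pinned version, advice) for each zerocopy entry needing action.
fn scan_lockfile(lock: &str) -> Vec<(String, String)> {
    let (mut name, mut hits) = ("", Vec::new());
    for line in lock.lines().map(str::trim) {
        if let Some(n) = line.strip_prefix("name = ") {
            name = n.trim_matches('"');
        } else if let (Some(v), "zerocopy") = (line.strip_prefix("version = "), name) {
            let v = v.trim_matches('"');
            // Fail closed: a version that cannot be parsed is reported, not skipped.
            let advice = match parse_version(v) {
                None => Some("unparsed, review manually".to_string()),
                Some(ver) => patched_for(ver).map(|fix| format!("upgrade to {}", fix)),
            };
            hits.extend(advice.map(|a| (v.to_string(), a)));
        }
    }
    hits
}

// Constructed sample lock file: one affected zerocopy entry and one patched entry.
const SAMPLE_LOCK: &str = r#"
[[package]]
name = "zerocopy"
version = "0.6.5"
[[package]]
name = "zerocopy"
version = "0.7.31"
"#;

fn main() {
    for (pinned, advice) in scan_lockfile(SAMPLE_LOCK) {
        println!("zerocopy {}: {}", pinned, advice);
    }
}
```

A lock file can pin several zerocopy releases at once through transitive dependencies, so every entry is checked rather than only the first.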

References

Published to the GitHub Advisory Database Dec 18, 2023
Reviewed Dec 18, 2023
Last updated Dec 18, 2023

Severity

Moderate

Weaknesses

No CWEs

CVE ID

No known CVE

GHSA ID

GHSA-rjhf-4mh8-9xjq
