Fixed two UAFs and bumped versions for release #2390
Merged
+53
−11
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sfackler
approved these changes
Apr 4, 2025
This was referenced Apr 4, 2025
Closed
Closed
Closed
Open
Open
RUSTSEC-2025-0022: Use-After-Free in
Md::fetch and Cipher::fetch
universal-inbox/universal-inbox#116
Open
Open
This was referenced Apr 5, 2025
This was referenced Apr 6, 2025
RUSTSEC-2025-0022: Use-After-Free in
Md::fetch and Cipher::fetch
equinor/septic-config-generator#336
Open
Open
facebook-github-bot
pushed a commit
to facebookexperimental/rust-shed
that referenced
this pull request
Apr 15, 2025
… `Cipher::fetch` Package: openssl 0.10.70 Summary: Reported April 4, 2025 Issued April 4, 2025 Package openssl (crates.io) Type Vulnerability Categories memory-corruption References sfackler/rust-openssl#2390 Patched >=0.10.72 Unaffected <0.10.39 Affected Functions Version openssl::cipher::Cipher::fetch >=0.10.39, <0.10.72 openssl::md::Md::fetch >=0.10.39, <0.10.72 Description When a Some(...) value was passed to the properties argument of either of these functions, a use-after-free would result. In practice this would nearly always result in OpenSSL treating the properties as an empty string (due to CString::drop's behavior). Reviewed By: dtolnay Differential Revision: D72915613 fbshipit-source-id: c66dcff004a22fcd1152dd3bc7132bca57330c2e
facebook-github-bot
pushed a commit
to facebook/sapling
that referenced
this pull request
Apr 15, 2025
… `Cipher::fetch` Package: openssl 0.10.70 Summary: Reported April 4, 2025 Issued April 4, 2025 Package openssl (crates.io) Type Vulnerability Categories memory-corruption References sfackler/rust-openssl#2390 Patched >=0.10.72 Unaffected <0.10.39 Affected Functions Version openssl::cipher::Cipher::fetch >=0.10.39, <0.10.72 openssl::md::Md::fetch >=0.10.39, <0.10.72 Description When a Some(...) value was passed to the properties argument of either of these functions, a use-after-free would result. In practice this would nearly always result in OpenSSL treating the properties as an empty string (due to CString::drop's behavior). Reviewed By: dtolnay Differential Revision: D72915613 fbshipit-source-id: c66dcff004a22fcd1152dd3bc7132bca57330c2e
This was referenced May 1, 2025
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.