Out-of-bounds Write Affecting linked-list-allocator package, versions <0.10.2
Snyk CVSS
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-RUST-LINKEDLISTALLOCATOR-3018697
- published 8 Sep 2022
- disclosed 8 Sep 2022
- credit Evan Richter
Introduced: 8 Sep 2022
CVE-2022-36086 Open this link in a new tabHow to fix?
Upgrade linked-list-allocator
to version 0.10.2 or higher.
Overview
Affected versions of this package are vulnerable to Out-of-bounds Write when a heap is initialized with a size smaller than 3 * size_of::<usize>
because of metadata write operations.
Note: This vulnerability impacts all the initialization functions on the Heap
and LockedHeap
types, including Heap::new
, Heap::init
, Heap::init_from_slice
, and LockedHeap::new
. It also affects multiple uses of the Heap::extend
method.
Workaround
Users who are not able to update to the fixed version should ensure that the heap is only initialized with a size larger than 3 * size_of::<usize>
and that the Heap::extend
method is only called with sizes larger than 2 * size_of::<usize>()
. Also, it is recommended to ensure that the total heap size is (and stays) a multiple of 2 * size_of::<usize>()
.