CVE-2022-36086
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-36086
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-36086.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-36086
- Aliases
- Related
- Published
- 2022-09-07T23:15:14Z
- Modified
- 2024-05-14T12:09:18.248288Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
linkedlistallocator is an allocator usable for no_std systems. Prior to version 0.10.2, the heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller than
3 * size_of::<usize>because of metadata write operations. This vulnerability impacts all the initialization functions on theHeapandLockedHeaptypes, includingHeap::new,Heap::init,Heap::init_from_slice, andLockedHeap::new. It also affects multiple uses of theHeap::extendmethod. Version 0.10.2 contains a patch for the issue. As a workaround, ensure that the heap is only initialized with a size larger than3 * size_of::<usize>and that theHeap::extendmethod is only called with sizes larger than2 * size_of::<usize>(). Also, ensure that the total heap size is (and stays) a multiple of2 * size_of::<usize>(). - References
Affected packages
Git / github.com/rust-osdev/linked-list-allocator
Affected ranges
- Type
- GIT
- Repo
- https://github.com/rust-osdev/linked-list-allocator
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed