GNU bug report logs - #47542
rust-stackvector package is vulnerable to CVE-2021-29939


Package: guix; Reported by: Léo Le Bouter <lle-bout@HIDDEN>; Keywords: security; dated Thu, 1 Apr 2021 13:48:02 UTC; Maintainer for guix is bug-guix@HIDDEN.
Added tag(s) security. Request was from Léo Le Bouter <lle-bout@HIDDEN> to control <at> debbugs.gnu.org.

Message received at submit <at> debbugs.gnu.org:


Message-ID: <5880a0d2db58bae9f641e746f405fe4cd0e1bca3.camel@HIDDEN>
Subject: rust-stackvector package is vulnerable to CVE-2021-29939
From: Léo Le Bouter <lle-bout@HIDDEN>
To: bug-guix@HIDDEN
Date: Thu, 01 Apr 2021 15:47:51 +0200

CVE-2021-29939	07:15
An issue was discovered in the stackvector crate through 2021-02-19 for
Rust. There is an out-of-bounds write in StackVec::extend if size_hint
provides certain anomalous data.

No fix released upstream yet:
https://github.com/Alexhuszagh/rust-stackvector/issues/2

Out of bounds write sounds like it could have dangerous consequences,
not sure how likely is "size_hint provides certain anomalous data"
though.

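The bug class named in this report, an `extend` that trusts `Iterator::size_hint`, as an added example that is not the stackvector crate's code: a safe fixed-capacity vector whose `extend` bounds-checks every element, driven by a constructed iterator whose `size_hint` under-reports. Rust's std documents `size_hint` as an optimisation hint that must not be relied on for memory safety, which is the invariant the hardened `try_extend` keeps. The `StackVec`, `CapacityError`, `LyingIter` and `demo` names are assumptions.

```rust
// Illustrative code written for this report, not the stackvector crate's own:
// a fixed-capacity vector whose extend never trusts Iterator::size_hint.
// Option<T> keeps it in safe Rust; the real crate uses uninitialised storage.
#[derive(Debug, PartialEq)]
pub struct CapacityError;
pub struct StackVec<T, const N: usize> { buf: [Option<T>; N], len: usize }

impl<T, const N: usize> StackVec<T, N> {
    pub fn new() -> Self { StackVec { buf: std::array::from_fn(|_| None), len: 0 } }
    pub fn len(&self) -> usize { self.len }

    /// Every write passes this check, so `len` can never exceed `N`.
    pub fn push(&mut self, v: T) -> Result<(), CapacityError> {
        if self.len >= N { return Err(CapacityError); }
        self.buf[self.len] = Some(v);
        self.len += 1;
        Ok(())
    }

    /// The hint only lets an honestly over-long iterator fail fast. The real
    /// guard is `push`: an iterator that under-reports its length (the
    /// "anomalous size_hint" of CVE-2021-29939) errors at item N+1 instead of
    /// writing past the buffer. Returns the number of items added.
    pub fn try_extend<I: IntoIterator<Item = T>>(&mut self, iter: I)
        -> Result<usize, CapacityError> {
        let iter = iter.into_iter();
        if iter.size_hint().0 > N - self.len { return Err(CapacityError); }
        let mut added = 0;
        for v in iter { self.push(v)?; added += 1; }
        Ok(added)
    }
}

/// Constructed "lying" iterator: claims zero items remain but yields `remaining`.
pub struct LyingIter { pub remaining: usize }
impl Iterator for LyingIter {
    type Item = u32;
    fn next(&mut self) -> Option<u32> {
        if self.remaining == 0 { return None; }
        self.remaining -= 1;
        Some(7)
    }
    // Deliberately wrong; std documents size_hint as an untrusted optimisation.
    fn size_hint(&self) -> (usize, Option<usize>) { (0, Some(0)) }
}

/// Feed ten items carrying a zero size_hint into a 4-slot StackVec.
pub fn demo() -> (Result<usize, CapacityError>, usize) {
    let mut v: StackVec<u32, 4> = StackVec::new();
    let result = v.try_extend(LyingIter { remaining: 10 });
    (result, v.len()) // (Err(CapacityError), 4): stopped safely at capacity
}
```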

Acknowledgement sent to Léo Le Bouter <lle-bout@HIDDEN>:
New bug report received and forwarded. Copy sent to bug-guix@HIDDEN.
Report forwarded to bug-guix@HIDDEN:
bug#47542; Package guix.
Last modified: Thu, 1 Apr 2021 14:00:02 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.