CVE-2021-28875

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-28875
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-28875.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-28875
Related
Published
2021-04-11T20:15:12Z
Modified
2024-10-12T07:14:44.727107Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the standard library in Rust before 1.50.0, readtoend() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow.

References

Affected packages

Debian:11 / rustc

Package

Name
rustc
Purl
pkg:deb/debian/rustc?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.48.0+dfsg1-2
1.49.0~beta.4+dfsg1-1~exp1
1.49.0+dfsg1-1~exp1
1.49.0+dfsg1-1
1.49.0+dfsg1-2
1.50.0+dfsg1-1~exp1
1.50.0+dfsg1-1~exp2
1.50.0+dfsg1-1~exp3
1.50.0+dfsg1-1~exp4
1.50.0+dfsg1-1
1.51.0+dfsg1-1~exp1
1.51.0+dfsg1-1~exp2
1.51.0+dfsg1-1~exp3
1.51.0+dfsg1-1
1.52.0~beta.3+dfsg1-1~exp1
1.52.0~beta.3+dfsg1-1~exp2
1.52.0~beta.3+dfsg1-1~exp3
1.52.0~beta.3+dfsg1-1~exp4
1.52.0+dfsg1-1~exp1
1.52.1+dfsg1-1~exp1
1.52.1+dfsg1-1~exp2
1.52.1+dfsg1-1~exp3
1.52.1+dfsg1-1
1.53.0+dfsg1-1~exp1
1.53.0+dfsg1-1
1.53.0+dfsg1-2
1.53.0+dfsg1-3
1.53.0+dfsg1-4
1.54.0+dfsg1-1~exp1
1.54.0+dfsg1-1
1.54.0+dfsg1-2
1.54.0+dfsg1-3
1.55.0+dfsg1-0
1.55.0+dfsg1-1~exp1
1.55.0+dfsg1-1
1.55.0+dfsg1-2
1.56.0~beta.4+dfsg1-1~exp1
1.56.0~beta.4+dfsg1-1~exp2
1.56.0+dfsg1-1
1.56.0+dfsg1-2
1.57.0+dfsg1-1~exp1
1.57.0+dfsg1-1
1.58.1+dfsg1-1~exp1
1.58.1+dfsg1-1
1.59.0+dfsg1-1~exp1
1.59.0+dfsg1-1
1.59.0+dfsg1-2
1.60.0+dfsg1-1~exp1
1.60.0+dfsg1-1
1.61.0+dfsg1-1~exp1
1.61.0+dfsg1-1
1.61.0+dfsg1-2
1.62.1+dfsg1-1~exp1
1.62.1+dfsg1-1
1.63.0+dfsg1-1~exp1
1.63.0+dfsg1-1
1.63.0+dfsg1-2
1.64.0+dfsg1-1~exp1
1.64.0+dfsg1-1~exp2
1.64.0+dfsg1-1~exp3
1.64.0+dfsg1-1~exp4
1.64.0+dfsg1-1
1.65.0+dfsg1-1~exp1
1.65.0+dfsg1-1~exp2
1.65.0+dfsg1-1~exp3
1.65.0+dfsg1-1
1.65.0+dfsg1-2
1.66.0+dfsg1-1~exp1
1.66.0+dfsg1-1
1.67.1+dfsg1-1~exp1
1.67.1+dfsg1-1
1.68.2+dfsg1-1~exp1
1.68.2+dfsg1-1
1.69.0+dfsg1-1~exp1
1.69.0+dfsg1-1~exp2
1.69.0+dfsg1-1
1.70.0+dfsg1-1~exp1
1.70.0+dfsg1-1~exp2
1.70.0+dfsg1-1~exp3
1.70.0+dfsg1-1
1.70.0+dfsg1-2~exp1
1.70.0+dfsg1-2
1.70.0+dfsg1-3
1.70.0+dfsg1-4
1.70.0+dfsg1-5
1.70.0+dfsg1-6
1.70.0+dfsg1-7
1.70.0+dfsg1-8
1.70.0+dfsg1-8.1
1.70.0+dfsg1-9
1.70.0+dfsg2-1~exp1
1.70.0+dfsg2-1~exp2
1.70.0+dfsg2-1~exp3
1.70.0+dfsg2-1
1.70.0+dfsg2-1+loong64
1.71.1+dfsg1-1~exp1
1.71.1+dfsg1-1~exp2
1.71.1+dfsg1-1
1.71.1+dfsg1-2
1.72.1+dfsg1-1~exp1
1.72.1+dfsg1-1~exp2
1.72.1+dfsg1-1
1.72.1+dfsg1-1+hurd.1
1.73.0+dfsg1-1~exp1
1.73.0+dfsg1-1
1.73.0+dfsg1-1+hurd.1
1.73.0+dfsg1-1+loong64
1.74.1+dfsg1-1~exp1
1.74.1+dfsg1-1
1.74.1+dfsg1-1+hurd.1
1.75.0+dfsg1-1~exp1
1.75.0+dfsg1-1
1.75.0+dfsg1-2
1.75.0+dfsg1-3
1.75.0+dfsg1-4
1.75.0+dfsg1-4+hurd.1
1.75.0+dfsg1-5
1.76.0+dfsg1-1~exp1
1.76.0+dfsg1-1
1.76.0+dfsg1-1+hurd.1
1.77.2+dfsg1-1~exp1
1.77.2+dfsg1-1
1.78.0+dfsg1-1~exp1
1.78.0+dfsg1-2
1.79.0+dfsg1-1~exp1
1.79.0+dfsg1-1
1.79.0+dfsg1-2
1.79.0+dfsg1-2+hurd.1
1.80.0+dfsg1-1~exp1
1.80.1+dfsg1-1~exp1
1.80.1+dfsg1-1
1.80.1+dfsg1-1+hurd.1
1.81.0+dfsg1-1~exp1
1.81.0+dfsg1-1~exp2
1.81.0+dfsg1-1
1.81.0+dfsg1-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / rustc

Package

Name
rustc
Purl
pkg:deb/debian/rustc?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.53.0+dfsg1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / rustc

Package

Name
rustc
Purl
pkg:deb/debian/rustc?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.53.0+dfsg1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/rust-lang/rust

Affected ranges

Type
GIT
Repo
https://github.com/rust-lang/rust
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed