Bug 1180579 (CVE-2019-25008) - VUL-0: CVE-2019-25008: rust: An issue related to HeaderMap::reserve() was discovered in the http crate before 0.1.20 for Rust
Summary: VUL-0: CVE-2019-25008: rust: An issue related to HeaderMap::reserve() was discovered in the http crate before 0.1.20 for Rust
Status: RESOLVED FIXED
Alias: CVE-2019-25008
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
Priority / Severity: P3 - Medium / Minor
Target Milestone: ---
Assignee: William Brown
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/274328/
Whiteboard:
Keywords:
Depends on:
Blocks:
Reported: 2021-01-05 13:21 UTC by Robert Frohl
Modified: 2022-01-21 12:34 UTC

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Description Robert Frohl 2021-01-05 13:21:22 UTC
CVE-2019-25008

An issue was discovered in the http crate before 0.1.20 for Rust.
HeaderMap::reserve() has an integer overflow that allows attackers to cause a
denial of service.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-25008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25008
https://rustsec.org/advisories/RUSTSEC-2019-0033.html
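The description above says only that HeaderMap::reserve() overflows an integer and that this is enough for a denial of service. The following Rust program is an added illustration of that bug class and is not the http crate's code: a toy header map (ToyHeaderMap, CapacityOverflow and the two capacity functions are all names assumed for this example) computes the capacity a reservation needs once with wrapping arithmetic, as release-mode `+` behaves, and once with checked arithmetic that fails closed. The wrapped result ends up smaller than the current length, which is exactly the state a caller must never be handed; the checked variant reports the overflow, and also enforces a hard ceiling on the number of entries so that an attacker-supplied count cannot drive allocation size.

```rust
/// Error returned when a requested reservation cannot be represented
/// or exceeds the map's hard limit (assumed type for this example).
#[derive(Debug, PartialEq)]
pub struct CapacityOverflow;

/// Unchecked variant: models what `len + additional` does in a release
/// build, where integer arithmetic wraps silently. When it wraps, the
/// result is smaller than `len`, so a caller that trusts it either
/// under-allocates or hands a nonsensical size to the allocator.
pub fn capacity_unchecked(len: usize, additional: usize) -> usize {
    len.wrapping_add(additional)
}

/// Checked variant: refuses any `additional` that cannot be added to
/// `len`, and any rounded-up (power-of-two) capacity that does not fit
/// in usize. The caller gets an error instead of a wrapped value.
pub fn capacity_checked(len: usize, additional: usize) -> Result<usize, CapacityOverflow> {
    len.checked_add(additional)
        .and_then(|needed| needed.checked_next_power_of_two())
        .ok_or(CapacityOverflow)
}

/// Toy header map; not http's HeaderMap, just enough to show a reserve
/// path that cannot be driven into overflow by an untrusted count.
pub struct ToyHeaderMap {
    entries: Vec<(String, String)>,
    /// Hard ceiling on entries: even a well-formed request must not be
    /// allowed to grow the table without bound.
    max_entries: usize,
}

impl ToyHeaderMap {
    pub fn with_limit(max_entries: usize) -> Self {
        ToyHeaderMap { entries: Vec::new(), max_entries }
    }

    /// Reservation that fails closed: arithmetic overflow or exceeding
    /// the ceiling is reported to the caller rather than wrapping or
    /// panicking deep inside the allocator. Returns the new capacity.
    pub fn try_reserve(&mut self, additional: usize) -> Result<usize, CapacityOverflow> {
        let cap = capacity_checked(self.entries.len(), additional)?;
        if cap > self.max_entries {
            return Err(CapacityOverflow);
        }
        // cap >= len is guaranteed by capacity_checked, so this cannot underflow.
        self.entries.reserve_exact(cap - self.entries.len());
        Ok(cap)
    }

    pub fn len(&self) -> usize {
        self.entries.len()
    }
}

fn main() {
    // Constructed inputs: a map holding 8 entries asked to reserve usize::MAX more.
    println!("unchecked: {}", capacity_unchecked(8, usize::MAX)); // wraps to 7 (< 8)
    println!("checked:   {:?}", capacity_checked(8, usize::MAX)); // Err(CapacityOverflow)

    let mut map = ToyHeaderMap::with_limit(1 << 15);
    println!("reserve 100:        {:?}", map.try_reserve(100));
    println!("reserve usize::MAX: {:?}", map.try_reserve(usize::MAX));
    println!("reserve 1 << 16:    {:?}", map.try_reserve(1 << 16));
}
```

The point for a reviewer is the shape of `try_reserve`: the size computation is done with `checked_add` and `checked_next_power_of_two`, the result is compared against a fixed maximum before any allocation happens, and the failure is a returned error, so a peer that sends an absurd header count gets a rejected request rather than a crashed process.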
Comment 1 Robert Frohl 2021-01-05 13:21:55 UTC
rust embeds http 0.1.19, tracking these codestreams as affected:

- SUSE:SLE-15:Update/rust
- SUSE:SLE-15-SP1:Update/rust
Comment 2 Scott Reeves 2021-03-02 18:40:48 UTC
Can you take this Federico...
Comment 3 Robert Frohl 2022-01-21 12:33:35 UTC
Also, the http crate was removed in version 1.46.0 (by commit
6654c5852f76d6b55ebdacc0d428cad5b3dbdbed).

This means SLE15-SP3 is not affected, because rust 1.43 is out of support.
SLE15 and SLE15-SP1 are now on 1.53.
Comment 4 Robert Frohl 2022-01-21 12:34:25 UTC
Closing.