Bug 1184744 (CVE-2020-36323) - VUL-0: CVE-2020-36323: rust: optimization for joining strings could exposed uninitialized bytes or cause a denial of service
Summary: VUL-0: CVE-2020-36323: rust: optimization for joining strings could exposed u...
Status: RESOLVED FIXED
Alias: CVE-2020-36323
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Minor
Target Milestone: ---
Assignee: William Brown
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/282008/
Whiteboard: CVSSv3.1:SUSE:CVE-2020-36323:6.5:(AV:...
Keywords:
Depends on:
Blocks:
 
Reported: 2021-04-14 14:26 UTC by Robert Frohl
Modified: 2022-01-21 12:58 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Frohl 2021-04-14 14:26:52 UTC 
CVE-2020-36323

In the standard library in Rust before 1.50.3, there is an optimization for
joining strings that can cause uninitialized bytes to be exposed (or the program
to crash) if the borrowed string changes after its length is checked.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-36323
https://github.com/rust-lang/rust/issues/80335
https://github.com/rust-lang/rust/pull/81728
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36323
Comment 1 Robert Frohl 2021-04-14 14:44:24 UTC 
tracking as affected:

- SUSE:SLE-15:Update/rust
- SUSE:SLE-15-SP1:Update/rust

already fixed in openSUSE:Factory
Comment 2 Robert Frohl 2022-01-21 12:58:01 UTC 
Does not affect any supported version anymore. Updated tracking. Closing