Skip to content

`ruzstd` uninit and out-of-bounds memory reads

Moderate severity GitHub Reviewed Published Dec 2, 2024 to the GitHub Advisory Database

Package

cargo ruzstd (Rust)

Affected versions

>= 0.7.0, < 0.7.3

Patched versions

0.7.3

Description

Affected versions of ruzstd miscalculate the length of the allocated and init section of its internal RingBuffer, leading to uninitialized or out-of-bounds reads in copy_bytes_overshooting of up to 15 bytes.

This may result in up to 15 bytes of memory contents being written into the decoded data when decompressing a crafted archive. This may occur multiple times per archive.

References

Published to the GitHub Advisory Database Dec 2, 2024
Reviewed Dec 2, 2024

Severity

Moderate

EPSS score

Weaknesses

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer. Learn more on MITRE.

CVE ID

No known CVE

GHSA ID

GHSA-x3f4-45xf-rjm7

Source code

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.