GHSA-jcr6-4frq-9gjj: Users vulnerable to unaligned read of `*const *const c_char` pointer
Moderate severity • GitHub Reviewed • Published Sep 11, 2023 to the GitHub Advisory Database • Updated Sep 11, 2023
Package
cargo users (Rust)
Affected versions
<= 0.11.0
Description
Affected versions dereference a potentially unaligned pointer. The pointer is commonly unaligned in practice, resulting in undefined behavior.
In some build modes, this is observable as a panic followed by abort. In other build modes the UB may manifest in some other way, including the possibility of working correctly in some architectures.
The crate is not currently maintained, so a patched version is not available.
Recommended alternatives
- sysinfo
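For code that has to walk such a pointer array itself, the following added example (not taken from the advisory or from the `users` crate) shows the alignment-safe pattern: each entry is fetched with `read_unaligned` instead of a plain dereference. The function names, buffer layout and sample strings are constructed for illustration.

```rust
use std::ffi::CStr;
use std::mem::{align_of, size_of};
use std::os::raw::c_char;
use std::ptr;

/// Collect a NULL-terminated array of C-string pointers whose address may be
/// unaligned. `*list.add(i)` would require `list` to be aligned for
/// `*const c_char`; `read_unaligned` has no such requirement.
///
/// Safety: `list` must point to readable entries ending in a null pointer,
/// and every non-null entry must point to a NUL-terminated string.
unsafe fn collect_strings(list: *const *const c_char) -> Vec<String> {
    let mut out = Vec::new();
    let mut i = 0;
    loop {
        let entry = unsafe { list.add(i).read_unaligned() };
        if entry.is_null() {
            return out;
        }
        out.push(unsafe { CStr::from_ptr(entry) }.to_string_lossy().into_owned());
        i += 1;
    }
}

/// Constructed sample: three entries (two names and a terminator) written
/// into a byte buffer at an offset chosen so the array start is misaligned.
fn demo() -> (Vec<String>, bool) {
    let names: [&[u8]; 2] = [b"alice\0", b"bob\0"];
    let psize = size_of::<*const c_char>();
    let mut buf = vec![0u8; psize * 3 + 2];
    let base = buf.as_mut_ptr();
    let off = if (base as usize + 1) % align_of::<*const c_char>() == 0 { 2 } else { 1 };
    let list = unsafe { base.add(off) } as *mut *const c_char;
    let misaligned = (list as usize) % align_of::<*const c_char>() != 0;
    unsafe {
        for (i, n) in names.iter().enumerate() {
            list.add(i).write_unaligned(n.as_ptr() as *const c_char);
        }
        list.add(names.len()).write_unaligned(ptr::null());
    }
    (unsafe { collect_strings(list) }, misaligned)
}

fn main() {
    let (names, misaligned) = demo();
    println!("misaligned={misaligned} names={names:?}");
}
```
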
References
- ogham/rust-users#55
- https://rustsec.org/advisories/RUSTSEC-2023-0059.html
Published to the GitHub Advisory Database: Sep 11, 2023
Last updated: Sep 11, 2023