File tree 1 file changed +25
-0
lines changed
1 file changed +25
-0
lines changed Original file line number Diff line number Diff line change 1+ ``` toml
2+ [advisory ]
3+ id = " RUSTSEC-0000-0000"
4+ package = " xmas-elf"
5+ date = " 2025-03-26"
6+ url = " https://github.com/nrc/xmas-elf/issues/86"
7+ categories = [" memory-exposure"
8+
9+ [affected ]
10+ functions = { "xmas_elf::hash::HashTable::get_bucket" = [" <0.10" "xmas_elf::hash::HashTable::get_chain" = [" <0.10"
11+
12+ [versions ]
13+ patched = [" >=0.10"
14+ ```
15+
16+ # Potential out-of-bounds read with a malformed ELF file and the HashTable API.
17+
18+ Affected versions of this crate only validated the ` index ` argument of
19+ ` HashTable::get_bucket ` and ` HashTable::get_chain ` against the input-controlled
20+ ` bucket_count ` and ` chain_count ` fields, but not against the size of the ELF
21+ section. As a result, a malformed ELF file could trigger out-of-bounds reads in
22+ a consumer of the HashTable API by setting these fields to inappropriately large
23+ values that would fall outside the relevant hash table section, and by
24+ introducing correspondingly out-of-bounds hash table indexes elsewhere in the ELF
25+ file.
You can’t perform that action at this time.
0 commit comments