Rapid7 Vulnerability & Exploit Database

Red Hat: CVE-2020-36323: CVE-2020-36323 rust: optimization for joining strings can cause uninitialized bytes to be exposed (Multiple Advisories)

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Red Hat: CVE-2020-36323: CVE-2020-36323 rust: optimization for joining strings can cause uninitialized bytes to be exposed (Multiple Advisories)

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:P)

Published

04/14/2021

Created

08/12/2021

Added

08/12/2021

Modified

12/15/2023

Description

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.

Solution(s)

redhat-upgrade-cargo
redhat-upgrade-cargo-debuginfo
redhat-upgrade-cargo-doc
redhat-upgrade-clippy
redhat-upgrade-clippy-debuginfo
redhat-upgrade-rls
redhat-upgrade-rls-debuginfo
redhat-upgrade-rust
redhat-upgrade-rust-analysis
redhat-upgrade-rust-debugger-common
redhat-upgrade-rust-debuginfo
redhat-upgrade-rust-debugsource
redhat-upgrade-rust-doc
redhat-upgrade-rust-gdb
redhat-upgrade-rust-lldb
redhat-upgrade-rust-src
redhat-upgrade-rust-std-static
redhat-upgrade-rust-toolset
redhat-upgrade-rustfmt
redhat-upgrade-rustfmt-debuginfo

References

CVE-2020-36323
RHSA-2021:3063

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Red Hat: CVE-2020-36323: CVE-2020-36323 rust: optimization for joining strings can cause uninitialized bytes to be exposed (Multiple Advisories)

Red Hat: CVE-2020-36323: CVE-2020-36323 rust: optimization for joining strings can cause uninitialized bytes to be exposed (Multiple Advisories)

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.