Ref methods into_ref, into_mut, into_slice, and into_slice_mut are unsound when used with cell::Ref or cell::RefMut

Low severity GitHub Reviewed Published Dec 14, 2023 in google/zerocopy • Updated Dec 18, 2023

Package

cargo zerocopy (Rust)

Affected versions

>= 0.2.2, < 0.2.9
>= 0.3.0, < 0.3.2
= 0.4.0
>= 0.5.0, < 0.5.2
>= 0.6.0, < 0.6.6
>= 0.7.0, < 0.7.31

Patched versions

0.2.9
0.3.2
0.4.1
0.5.2
0.6.6
0.7.31

Description

This advisory is also published as RUSTSEC-2023-0074.

The Ref methods into_ref, into_mut, into_slice, and into_slice_mut are unsound and may allow safe code to exhibit undefined behavior when used with Ref<B, T> where B is cell::Ref or cell::RefMut. Note that these methods remain sound when used with B types other than cell::Ref or cell::RefMut.

See google/zerocopy#716 for a more in-depth analysis.

The current plan is to yank the affected versions soon. See google/zerocopy#679 for more detail.
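To check whether a project pins one of the affected releases, the version ranges listed above can be matched against the zerocopy entries in Cargo.lock. The sketch below is an added example, not code from the advisory or from zerocopy; the function names and the sample lockfile text are assumptions made for illustration, and it uses only the standard library.

```rust
// Added example (not from the advisory); names below are illustrative.
type Version = (u64, u64, u64);

// (first affected, first patched) pairs transcribed from the advisory.
const AFFECTED: [(Version, Version); 6] = [
    ((0, 2, 2), (0, 2, 9)),
    ((0, 3, 0), (0, 3, 2)),
    ((0, 4, 0), (0, 4, 1)), // listed as "= 0.4.0"
    ((0, 5, 0), (0, 5, 2)),
    ((0, 6, 0), (0, 6, 6)),
    ((0, 7, 0), (0, 7, 31)),
];

/// Some(true/false) for a plain "x.y.z"; None for anything else (pre-release
/// or build suffixes), which should be reviewed by hand.
fn is_affected(version: &str) -> Option<bool> {
    let mut parts = version.split('.').map(|p| p.parse::<u64>().ok());
    let v: Version = (parts.next()??, parts.next()??, parts.next()??);
    if parts.next().is_some() { return None; }
    Some(AFFECTED.iter().any(|&(lo, hi)| lo <= v && v < hi))
}

/// Value of a `key = "value"` line, if the line has exactly that key.
fn quoted<'a>(line: &'a str, key: &str) -> Option<&'a str> {
    let rest = line.trim().strip_prefix(key)?.trim_start().strip_prefix('=')?;
    rest.trim().strip_prefix('"')?.strip_suffix('"')
}

/// Every zerocopy version in the lockfile text, with its verdict.
/// Assumes Cargo's layout, where `name` precedes `version` in each package.
fn scan_lockfile(lock: &str) -> Vec<(String, Option<bool>)> {
    let mut found = Vec::new();
    let mut in_zerocopy = false;
    for line in lock.lines() {
        if let Some(name) = quoted(line, "name") {
            in_zerocopy = name == "zerocopy";
        } else if let (true, Some(ver)) = (in_zerocopy, quoted(line, "version")) {
            found.push((ver.to_string(), is_affected(ver)));
        }
    }
    found
}

fn main() {
    // Constructed sample lockfile text, not taken from a real project.
    let lock = "[[package]]\nname = \"zerocopy\"\nversion = \"0.7.30\"\n";
    for (ver, verdict) in scan_lockfile(lock) {
        println!("zerocopy {ver}: affected = {verdict:?}");
    }
}
```

A pinned version in an affected range only matters if the code, or one of its dependencies, calls the named methods on a Ref whose B is cell::Ref or cell::RefMut; upgrading to the patched release in the same series removes the question.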

References

@joshlf published to google/zerocopy Dec 14, 2023
Published to the GitHub Advisory Database Dec 15, 2023
Reviewed Dec 15, 2023
Last updated Dec 18, 2023

Severity

Low

Weaknesses

No CWEs

CVE ID

No known CVE

GHSA ID

GHSA-3mv5-343c-w2qg

Source code
