CVE-2017-20004
Description
In the standard library in Rust before 1.19.0, there is a synchronization problem in the MutexGuard object. MutexGuards can be used across threads with any types, allowing for memory safety issues through race conditions.
References
PatchThird Party Advisory
PatchThird Party Advisory
CvssV3 impact
BaseSeverity | MEDIUM |
ConfidentialityImpact | NONE |
AttackComplexity | HIGH |
Scope | UNCHANGED |
AttackVector | NETWORK |
AvailabilityImpact | NONE |
IntegrityImpact | HIGH |
PrivilegesRequired | NONE |
BaseScore | 5.9 |
VectorString | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
Version | 3.1 |
UserInteraction | NONE |
CvssV2 impact
AccessComplexity | MEDIUM |
ConfidentialityImpact | NONE |
AvailabilityImpact | NONE |
IntegrityImpact | PARTIAL |
BaseScore | 4.3 |
VectorString | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Version | 2.0 |
AccessVector | NETWORK |
Authentication | NONE |