GHSA-MP6R-FGW2-RXFX

Vulnerability from github – Published: 2021-08-25 20:53 – Updated: 2023-06-13 22:28
VLAI?
Summary
Arbitrary return types in xcb
Details

The function xcb::xproto::GetPropertyReply::value() returns a slice of type T where T is an unconstrained type parameter. The raw bytes received from the X11 server are interpreted as the requested type. The users of the xcb crate are advised to only call this function with the intended types. These are u8, u16, and u32.

This issue is tracked here: https://github.com/rust-x-bindings/rust-xcb/issues/95

Severity ?
9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Show details on source website
To clipboard Create KEV Entry 

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "xcb"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-26956"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-657"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-08-19T17:35:46Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "The function xcb::xproto::GetPropertyReply::value() returns a slice of type T where T is an unconstrained type parameter. The raw bytes received from the X11 server are interpreted as the requested type. The users of the xcb crate are advised to only call this function with the intended types. These are u8, u16, and u32.\n\nThis issue is tracked here: https://github.com/rust-x-bindings/rust-xcb/issues/95",
  "id": "GHSA-mp6r-fgw2-rxfx",
  "modified": "2023-06-13T22:28:51Z",
  "published": "2021-08-25T20:53:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26956"
    },
    {
      "type": "WEB",
      "url": "https://github.com/RustSec/advisory-db/issues/653"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rust-x-bindings/rust-xcb/issues/95"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/rtbo/rust-xcb"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2021-0019.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Arbitrary return types in xcb"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.