| Revision Date: | 2019-05-13 | Version: | 1 | | Title: | CVE-2019-12083 on Ubuntu 18.10 (cosmic) - medium. | | Description: | The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. If the `Error::type_id` method is overridden then any type can be safely cast to any other type, causing memory safety vulnerabilities in safe code (e.g., out-of-bounds write or read). Code that does not manually implement Error::type_id is unaffected.
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2019-12083
| | Platform(s): | Ubuntu 18.10
| Product(s): | | | Definition Synopsis | | Ubuntu 18.10 (cosmic) is installed. AND Package Information
NOT libstd-rust-1.32 package in cosmic, while related to the CVE in some way, is not affected (note: 'only affected nightly in this version').
OR NOT rust-gdb package in cosmic, while related to the CVE in some way, is not affected (note: 'only affected nightly in this version').
OR NOT rust-lldb package in cosmic, while related to the CVE in some way, is not affected (note: 'only affected nightly in this version').
OR NOT rust-src package in cosmic, while related to the CVE in some way, is not affected (note: 'only affected nightly in this version').
OR NOT rustc package in cosmic, while related to the CVE in some way, is not affected (note: 'only affected nightly in this version').
|
|