Skip to content

unsafe-libyaml unaligned write of u64 on 32-bit and 16-bit platforms

Moderate severity GitHub Reviewed Published Dec 21, 2023 to the GitHub Advisory Database • Updated Dec 21, 2023

Package

cargo unsafe-libyaml (Rust)

Affected versions

< 0.2.10

Patched versions

0.2.10

Description

Affected versions allocate memory using the alignment of usize and write data to it of type u64, without using core::ptr::write_unaligned. In platforms with sub-64bit alignment for usize (including wasm32 and x86) these writes are insufficiently aligned some of the time.

If using an ordinary optimized standard library, the bug exhibits Undefined Behavior so may or may not behave in any sensible way, depending on optimization settings and hardware and other things. If using a Rust standard library built with debug assertions enabled, the bug manifests deterministically in a crash (non-unwinding panic) saying "ptr::write requires that the pointer argument is aligned and non-null".

No 64-bit platform is impacted by the bug.

The flaw was corrected by allocating with adequately high alignment on all
platforms.

References

Published to the GitHub Advisory Database Dec 21, 2023
Reviewed Dec 21, 2023
Last updated Dec 21, 2023

Severity

Moderate

EPSS score

Weaknesses

No CWEs

CVE ID

No known CVE

GHSA ID

GHSA-r24f-hg58-vfrw
Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.