An issue was discovered in the raw-cpuid crate before 9.0.0 for Rust. It allows __cpuid_count() calls even if the processor does not support the CPUID instruction, which is unsound and causes a deterministic crash.
References
Link | Resource |
---|---|
https://rustsec.org/advisories/RUSTSEC-2021-0013.html | Exploit Vendor Advisory |
Configurations
History
12 Jul 2022, 17:42
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-Other |
03 Feb 2021, 21:10
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:raw-cpuid_project:raw-cpuid:*:*:*:*:*:rust:*:* | |
CVSS |
v2 : v3 : |
v2 : 2.1
v3 : 5.5 |
References | (MISC) https://rustsec.org/advisories/RUSTSEC-2021-0013.html - Exploit, Vendor Advisory | |
CWE | CWE-400 |
29 Jan 2021, 03:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-01-29 03:15
Updated : 2023-12-10 13:41
NVD link : CVE-2021-26307
Mitre link : CVE-2021-26307
CVE.ORG link : CVE-2021-26307
JSON object : View
Products Affected
raw-cpuid_project
- raw-cpuid
CWE