CVE-2020-36219: Data race in atomic-option

August 25, 2021

An issue was discovered in the atomic-option crate through 2020-10-31 for Rust. Because AtomicOption implements Sync unconditionally, a data race can occur.

References

github.com/advisories/GHSA-8gf5-q9p9-wvmc
github.com/reem/rust-atomic-option
github.com/reem/rust-atomic-option/issues/4
nvd.nist.gov/vuln/detail/CVE-2020-36219
rustsec.org/advisories/RUSTSEC-2020-0113.html

Code Behaviors & Features

Detect and mitigate CVE-2020-36219 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →