CVE-2021-26306: Soundness issue in raw-cpuid

August 25, 2021 (updated June 13, 2023)

VendorInfo::as_string(), SoCVendorBrand::as_string(), and ExtendedFunctionInfo::processor_brand_string() construct byte slices using std::slice::from_raw_parts(), with data coming from #[repr(Rust)] structs. This is always undefined behavior. This flaw has been fixed in v9.0.0, by making the relevant structs #[repr(C)].

References

github.com/RustSec/advisory-db/pull/614
github.com/advisories/GHSA-hvqc-pc78-x9wh
github.com/gz/rust-cpuid
github.com/gz/rust-cpuid/issues/40
nvd.nist.gov/vuln/detail/CVE-2021-26306
rustsec.org/advisories/RUSTSEC-2021-0013.html

Code Behaviors & Features

Detect and mitigate CVE-2021-26306 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →