Skip to content

Use-after-free when setting the locale

Moderate severity GitHub Reviewed Published Jan 23, 2024 to the GitHub Advisory Database • Updated Jan 23, 2024

Package

cargo rust-i18n-support (Rust)

Affected versions

>= 3.0.0, < 3.0.1

Patched versions

3.0.1

Description

Version 3.0.0 introduced an AtomicStr type, that is used to store the current locale. It stores the locale as a raw pointer to an Arc<String>. The locale can be read with AtomicStr::as_str(). AtomicStr::as_str() does not increment the usage counter of the Arc.

If the locale is changed in one thread, another thread can have a stale -- possibly already freed -- reference to the stored string.

References

Published to the GitHub Advisory Database Jan 23, 2024
Reviewed Jan 23, 2024
Last updated Jan 23, 2024

Severity

Moderate

Weaknesses

CVE ID

No known CVE

GHSA ID

GHSA-c8v3-jhv9-4ppc

Source code

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.