CVE-2020-26235 - Vulnerability Details - OpenCVE

In Rust time crate from version 0.2.7 and before version 0.2.23, unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires the user to set any environment variable in a different thread than the affected functions. The affected functions are time::UtcOffset::local_offset_at, time::UtcOffset::try_local_offset_at, time::UtcOffset::current_local_offset, time::UtcOffset::try_current_local_offset, time::OffsetDateTime::now_local and time::OffsetDateTime::try_now_local. Non-Unix targets are unaffected. This includes Windows and wasm. The issue was introduced in version 0.2.7 and fixed in version 0.2.23.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00784.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows
Time Project	Time

Configuration 1 [-]

AND

cpe:2.3:a:time_project:time:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

No data.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://crates.io/crates/time/0.2.23
https://github.com/time-rs/time/issues/293
https://github.com/time-rs/time/security/advisories/GHSA-wcg3-cvx6-7396

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2020-11-24T21:20:14

Updated: 2024-08-04T15:56:03.095Z

Reserved: 2020-10-01T00:00:00

Link: CVE-2020-26235

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-11-24T22:15:11.657

Modified: 2024-11-21T05:19:36.927

Link: CVE-2020-26235

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "time", "vendor": "time-rs", "versions": [{"status": "affected", "version": ">= 0.2.7, <0.2.23"}]}], "descriptions": [{"lang": "en", "value": "In Rust time crate from version 0.2.7 and before version 0.2.23, unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires the user to set any environment variable in a different thread than the affected functions. The affected functions are time::UtcOffset::local_offset_at, time::UtcOffset::try_local_offset_at, time::UtcOffset::current_local_offset, time::UtcOffset::try_current_local_offset, time::OffsetDateTime::now_local and time::OffsetDateTime::try_now_local. Non-Unix targets are unaffected. This includes Windows and wasm. The issue was introduced in version 0.2.7 and fixed in version 0.2.23."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-11-24T21:20:14", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/time-rs/time/security/advisories/GHSA-wcg3-cvx6-7396"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/time-rs/time/issues/293"}, {"tags": ["x_refsource_MISC"], "url": "https://crates.io/crates/time/0.2.23"}], "source": {"advisory": "GHSA-wcg3-cvx6-7396", "discovery": "UNKNOWN"}, "title": "Segmentation fault in Rust time crate", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-26235", "STATE": "PUBLIC", "TITLE": "Segmentation fault in Rust time crate"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "time", "version": {"version_data": [{"version_value": ">= 0.2.7, <0.2.23"}]}}]}, "vendor_name": "time-rs"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Rust time crate from version 0.2.7 and before version 0.2.23, unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires the user to set any environment variable in a different thread than the affected functions. The affected functions are time::UtcOffset::local_offset_at, time::UtcOffset::try_local_offset_at, time::UtcOffset::current_local_offset, time::UtcOffset::try_current_local_offset, time::OffsetDateTime::now_local and time::OffsetDateTime::try_now_local. Non-Unix targets are unaffected. This includes Windows and wasm. The issue was introduced in version 0.2.7 and fixed in version 0.2.23."}]}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-476 NULL Pointer Dereference"}]}]}, "references": {"reference_data": [{"name": "https://github.com/time-rs/time/security/advisories/GHSA-wcg3-cvx6-7396", "refsource": "CONFIRM", "url": "https://github.com/time-rs/time/security/advisories/GHSA-wcg3-cvx6-7396"}, {"name": "https://github.com/time-rs/time/issues/293", "refsource": "MISC", "url": "https://github.com/time-rs/time/issues/293"}, {"name": "https://crates.io/crates/time/0.2.23", "refsource": "MISC", "url": "https://crates.io/crates/time/0.2.23"}]}, "source": {"advisory": "GHSA-wcg3-cvx6-7396", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T15:56:03.095Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/time-rs/time/security/advisories/GHSA-wcg3-cvx6-7396"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/time-rs/time/issues/293"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://crates.io/crates/time/0.2.23"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-26235", "datePublished": "2020-11-24T21:20:14", "dateReserved": "2020-10-01T00:00:00", "dateUpdated": "2024-08-04T15:56:03.095Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:time_project:time:*:*:*:*:*:*:*:*", "matchCriteriaId": "E4D28992-1FA7-4FAD-9AF9-E0D8F1CA5DD9", "versionEndExcluding": "0.2.23", "versionStartIncluding": "0.2.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "In Rust time crate from version 0.2.7 and before version 0.2.23, unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires the user to set any environment variable in a different thread than the affected functions. The affected functions are time::UtcOffset::local_offset_at, time::UtcOffset::try_local_offset_at, time::UtcOffset::current_local_offset, time::UtcOffset::try_current_local_offset, time::OffsetDateTime::now_local and time::OffsetDateTime::try_now_local. Non-Unix targets are unaffected. This includes Windows and wasm. The issue was introduced in version 0.2.7 and fixed in version 0.2.23."}, {"lang": "es", "value": "En el crate time de Rust desde la versi\u00f3n 0.2.7 y anterior a versi\u00f3n 0.2.23, los sistemas operativos tipo Unix pueden segregarse debido a la desreferenciaci\u00f3n de un puntero colgante en circunstancias espec\u00edficas. Esto requiere que el usuario configure cualquier variable de entorno en un hilo diferente al de las funciones afectadas. Las funciones afectadas son time::UtcOffset::local_offset_at, time::UtcOffset::try_local_offset_at, time::UtcOffset::current_local_offset, time::UtcOffset::try_current_local_offset, time::OffsetDateTime::now_local y time::OffsetDateTime::try_now_local. Los objetivos que no son Unix no est\u00e1n afectados. Esto incluye Windows y wasm. El problema se introdujo en la versi\u00f3n 0.2.7 y se corrigi\u00f3 en la versi\u00f3n 0.2.23"}], "id": "CVE-2020-26235", "lastModified": "2024-11-21T05:19:36.927", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-24T22:15:11.657", "references": [{"source": "security-advisories@github.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://crates.io/crates/time/0.2.23"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/time-rs/time/issues/293"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/time-rs/time/security/advisories/GHSA-wcg3-cvx6-7396"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://crates.io/crates/time/0.2.23"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/time-rs/time/issues/293"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/time-rs/time/security/advisories/GHSA-wcg3-cvx6-7396"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}