CVE-2022-23639 - OpenCVE

crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of `{i,u}64` was always the same as `Atomic{I,U}64`. However, the alignment of `{i,u}64` on a 32-bit target can be smaller than `Atomic{I,U}64`. This can cause unaligned memory accesses and data race. Crates using `fetch_*` methods with `AtomicCell<{i,u}64>` are affected by this issue. 32-bit targets without `Atomic{I,U}64` and 64-bit targets are not affected by this issue. This has been fixed in crossbeam-utils 0.8.7. There are currently no known workarounds.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Crossbeam Project	Crossbeam

Configuration 1 [-]

cpe:2.3:a:crossbeam_project:crossbeam:*:*:*:*:*:rust:*:*

No data.

References

Link	Providers
https://github.com/crossbeam-rs/crossbeam/pull/781
https://github.com/crossbeam-rs/crossbeam/releases/tag/crossbeam-utils-0.8.7
https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-qc84-gqf4-9926

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-02-15T18:20:10

Updated: 2024-08-03T03:51:44.181Z

Reserved: 2022-01-19T00:00:00

Link: CVE-2022-23639

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-02-15T19:15:08.340

Modified: 2023-02-10T16:28:40.170

Link: CVE-2022-23639

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "crossbeam", "vendor": "crossbeam-rs", "versions": [{"status": "affected", "version": "< 0.8.7"}]}], "descriptions": [{"lang": "en", "value": "crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of `{i,u}64` was always the same as `Atomic{I,U}64`. However, the alignment of `{i,u}64` on a 32-bit target can be smaller than `Atomic{I,U}64`. This can cause unaligned memory accesses and data race. Crates using `fetch_*` methods with `AtomicCell<{i,u}64>` are affected by this issue. 32-bit targets without `Atomic{I,U}64` and 64-bit targets are not affected by this issue. This has been fixed in crossbeam-utils 0.8.7. There are currently no known workarounds."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-362", "description": "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-02-15T18:20:10", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-qc84-gqf4-9926"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/crossbeam-rs/crossbeam/pull/781"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/crossbeam-rs/crossbeam/releases/tag/crossbeam-utils-0.8.7"}], "source": {"advisory": "GHSA-qc84-gqf4-9926", "discovery": "UNKNOWN"}, "title": "Improper Restriction of Operations within the Bounds of a Memory Buffer and Race Condition in crossbeam-utils", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-23639", "STATE": "PUBLIC", "TITLE": "Improper Restriction of Operations within the Bounds of a Memory Buffer and Race Condition in crossbeam-utils"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "crossbeam", "version": {"version_data": [{"version_value": "< 0.8.7"}]}}]}, "vendor_name": "crossbeam-rs"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of `{i,u}64` was always the same as `Atomic{I,U}64`. However, the alignment of `{i,u}64` on a 32-bit target can be smaller than `Atomic{I,U}64`. This can cause unaligned memory accesses and data race. Crates using `fetch_*` methods with `AtomicCell<{i,u}64>` are affected by this issue. 32-bit targets without `Atomic{I,U}64` and 64-bit targets are not affected by this issue. This has been fixed in crossbeam-utils 0.8.7. There are currently no known workarounds."}]}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-qc84-gqf4-9926", "refsource": "CONFIRM", "url": "https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-qc84-gqf4-9926"}, {"name": "https://github.com/crossbeam-rs/crossbeam/pull/781", "refsource": "MISC", "url": "https://github.com/crossbeam-rs/crossbeam/pull/781"}, {"name": "https://github.com/crossbeam-rs/crossbeam/releases/tag/crossbeam-utils-0.8.7", "refsource": "MISC", "url": "https://github.com/crossbeam-rs/crossbeam/releases/tag/crossbeam-utils-0.8.7"}]}, "source": {"advisory": "GHSA-qc84-gqf4-9926", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T03:51:44.181Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-qc84-gqf4-9926"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/crossbeam-rs/crossbeam/pull/781"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/crossbeam-rs/crossbeam/releases/tag/crossbeam-utils-0.8.7"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-23639", "datePublished": "2022-02-15T18:20:10", "dateReserved": "2022-01-19T00:00:00", "dateUpdated": "2024-08-03T03:51:44.181Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:crossbeam_project:crossbeam:*:*:*:*:*:rust:*:*", "matchCriteriaId": "7C3287EB-A254-4840-815A-A3669991664F", "versionEndExcluding": "0.8.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of `{i,u}64` was always the same as `Atomic{I,U}64`. However, the alignment of `{i,u}64` on a 32-bit target can be smaller than `Atomic{I,U}64`. This can cause unaligned memory accesses and data race. Crates using `fetch_*` methods with `AtomicCell<{i,u}64>` are affected by this issue. 32-bit targets without `Atomic{I,U}64` and 64-bit targets are not affected by this issue. This has been fixed in crossbeam-utils 0.8.7. There are currently no known workarounds."}, {"lang": "es", "value": "crossbeam-utils proporciona at\u00f3micos, primitivas de sincronizaci\u00f3n, hilos de alcance y otras utilidades para la programaci\u00f3n concurrente en Rust. crossbeam-utils versiones anteriores a 0.8.7, asum\u00eda incorrectamente que la alineaci\u00f3n de \"{i,u}64\" era siempre la misma que \"Atomic{I,U}64\". Sin embargo, la alineaci\u00f3n de \"{i,u}64\" en un objetivo de 32 bits puede ser menor que \"Atomic{I,U}64\". Esto puede causar accesos a memoria no alineados y carreras de datos. Los crates que usan m\u00e9todos \"fetch_*\" con \"AtomicCell({i,u}64)\" est\u00e1n afectados por este problema. Los objetivos de 32 bits sin \"Atomic{I,U}64\" y los objetivos de 64 bits no est\u00e1n afectados por este problema. Esto ha sido corregido en crossbeam-utils versi\u00f3n 0.8.7. Actualmente no se presentan medidas de mitigaci\u00f3n conocidas"}], "id": "CVE-2022-23639", "lastModified": "2023-02-10T16:28:40.170", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2022-02-15T19:15:08.340", "references": [{"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/crossbeam-rs/crossbeam/pull/781"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/crossbeam-rs/crossbeam/releases/tag/crossbeam-utils-0.8.7"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-qc84-gqf4-9926"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "security-advisories@github.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Secondary"}]}