Skip to content

Maligned causes incorrect deallocation

Moderate severity GitHub Reviewed Published Mar 7, 2023 to the GitHub Advisory Database • Updated Mar 7, 2023

Package

cargo maligned (Rust)

Affected versions

<= 0.2.1

Patched versions

None

Description

maligned::align_first manually allocates with an alignment larger than T, and then uses Vec::from_raw_parts on that allocation to get a Vec<T>.

GlobalAlloc::dealloc requires that the layout argument must be the same layout that was used to allocate that block of memory.

When deallocating, Box and Vec may not respect the specified alignment and can cause undefined behavior.

References

Published to the GitHub Advisory Database Mar 7, 2023
Reviewed Mar 7, 2023
Last updated Mar 7, 2023

Severity

Moderate

EPSS score

Weaknesses

No CWEs

CVE ID

No known CVE

GHSA ID

GHSA-wm8x-php5-hvq6

Source code

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.