Medium severity5.5NVD Advisory· Published Jan 29, 2021· Updated Jun 17, 2026
CVE-2021-26307
CVE-2021-26307
Description
An issue was discovered in the raw-cpuid crate before 9.0.0 for Rust. It allows __cpuid_count() calls even if the processor does not support the CPUID instruction, which is unsound and causes a deterministic crash.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
raw-cpuidcrates.io | < 9.0.0 | 9.0.0 |
Affected products
2- raw-cpuid crate/raw-cpuid cratedescription
Patches
Vulnerability mechanics
References
7- rustsec.org/advisories/RUSTSEC-2021-0013.htmlnvdExploitVendor AdvisoryWEB
- github.com/advisories/GHSA-jrf8-cmgg-gv2mghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-26307ghsaADVISORY
- github.com/RustSec/advisory-db/pull/614ghsaWEB
- github.com/gz/rust-cpuid/commit/91b676eecd01f2163e2984215e2c0ac89e30ce75ghsaWEB
- github.com/gz/rust-cpuid/issues/40ghsaWEB
- github.com/gz/rust-cpuid/issues/41ghsaWEB
News mentions
0No linked articles in our index yet.