Critical severityNVD Advisory· Published Dec 26, 2021· Updated Aug 4, 2024
CVE-2021-45687
CVE-2021-45687
Description
An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used (which is not the the default), a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
raw-cpuidcrates.io | >= 3.1.0, < 9.1.1 | 9.1.1 |
Affected products
2- raw-cpuid/raw-cpuiddescription
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-w428-f65r-h4q2ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-45687ghsaADVISORY
- github.com/gz/rust-cpuid/issues/43ghsaWEB
- raw.githubusercontent.com/rustsec/advisory-db/main/crates/raw-cpuid/RUSTSEC-2021-0089.mdghsax_refsource_MISCWEB
- rustsec.org/advisories/RUSTSEC-2021-0089.htmlghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.