High severityNVD Advisory· Published Dec 26, 2021· Updated Aug 4, 2024
CVE-2021-45710
CVE-2021-45710
Description
An issue was discovered in the tokio crate before 1.8.4, and 1.9.x through 1.13.x before 1.13.1, for Rust. In certain circumstances involving a closed oneshot channel, there is a data race and memory corruption.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
tokiocrates.io | >= 0.1.14, < 1.8.4 | 1.8.4 |
tokiocrates.io | >= 1.9.0, < 1.13.1 | 1.13.1 |
Affected products
25- rust/tokiodescription
- ghsa-coords24 versionspkg:cargo/tokiopkg:rpm/opensuse/389-ds&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/389-ds&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cargo-c&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/greetd&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/kanidm&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/rustscan&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/rustup&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/rustup&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/sccache&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/sccache&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/sccache&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/sccache&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/spotifyd&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/tealdeer&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/tuigreet&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/zram-generator&distro=openSUSE%20Tumbleweedpkg:rpm/suse/389-ds&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP3pkg:rpm/suse/389-ds&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP4pkg:rpm/suse/kanidm&distro=SUSE%20Package%20Hub%2015%20SP6pkg:rpm/suse/rustup&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3pkg:rpm/suse/sccache&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3pkg:rpm/suse/sccache&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP4pkg:rpm/suse/sccache&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5
>= 0.1.14, < 1.8.4+ 23 more
- (no CPE)range: >= 0.1.14, < 1.8.4
- (no CPE)range: < 1.4.4.19~git59.136fc84-150300.3.27.1
- (no CPE)range: < 2.0.16~git56.d15a0a7-150400.3.15.1
- (no CPE)range: < 0.8.1~git0.cce1b08-2.1
- (no CPE)range: < 0.8.0-2.1
- (no CPE)range: < 1.3.3~git0.f075d13-bp156.4.1
- (no CPE)range: < 2.0.1+0-1.1
- (no CPE)range: < 1.25.1~0-150300.7.13.2
- (no CPE)range: < 1.24.3~git1.0a74fef5-2.1
- (no CPE)range: < 0.3.0~git5.14a4b8b-150300.7.9.1
- (no CPE)range: < 0.4.2~3-150400.3.3.1
- (no CPE)range: < 0.4.2~3-150400.3.3.1
- (no CPE)range: < 0.2.15~git0.6b6d2f7-8.1
- (no CPE)range: < 0.3.3-2.1
- (no CPE)range: < 1.5.0+0-1.1
- (no CPE)range: < 0.7.1-3.1
- (no CPE)range: < 1.1.1~git5.8612dbb-1.1
- (no CPE)range: < 1.4.4.19~git59.136fc84-150300.3.27.1
- (no CPE)range: < 2.0.16~git56.d15a0a7-150400.3.15.1
- (no CPE)range: < 1.3.3~git0.f075d13-bp156.4.1
- (no CPE)range: < 1.25.1~0-150300.7.13.2
- (no CPE)range: < 0.3.0~git5.14a4b8b-150300.7.9.1
- (no CPE)range: < 0.4.2~3-150400.3.3.1
- (no CPE)range: < 0.4.2~3-150400.3.3.1
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-fg7r-2g4j-5cgrghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-45710ghsaADVISORY
- github.com/tokio-rs/tokio/issues/4225ghsaWEB
- raw.githubusercontent.com/rustsec/advisory-db/main/crates/tokio/RUSTSEC-2021-0124.mdghsax_refsource_MISCWEB
- rustsec.org/advisories/RUSTSEC-2021-0124.htmlghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.