VYPR
High severityNVD Advisory· Published Sep 7, 2022· Updated Apr 22, 2025

linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend`

CVE-2022-36086

Description

linked_list_allocator is an allocator usable for no_std systems. Prior to version 0.10.2, the heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller than 3 * size_of:: because of metadata write operations. This vulnerability impacts all the initialization functions on the Heap and LockedHeap types, including Heap::new, Heap::init, Heap::init_from_slice, and LockedHeap::new. It also affects multiple uses of the Heap::extend method. Version 0.10.2 contains a patch for the issue. As a workaround, ensure that the heap is only initialized with a size larger than 3 * size_of:: and that the Heap::extend method is only called with sizes larger than 2 * size_of::(). Also, ensure that the total heap size is (and stays) a multiple of 2 * size_of::().

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
linked_list_allocatorcrates.io
< 0.10.20.10.2

Affected products

3

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.