685970 – =dev-lang/rust-1.34.{0,1}: CVE-2019-12083 If the `Error::type_id` method is overridden then any type can be safely cast to any other type, causing memory safety vulnerabilities

Bug 685970 - =dev-lang/rust-1.34.{0,1}: CVE-2019-12083 If the `Error::type_id` method is overridden then any type can be safely cast to any other type, causing memory safety vulnerabilities

Summary: =dev-lang/rust-1.34.{0,1}: CVE-2019-12083 If the `Error::type_id` method is ...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	Gentoo Security

URL:	https://cve.mitre.org/cgi-bin/cvename...
Whiteboard:	A4 [noglsa]
Keywords:

Depends on:
Blocks:

Reported:	2019-05-14 17:59 UTC by Georgy Yakovlev
Modified:	2019-05-17 03:18 UTC (History)
CC List:	1 user (show)

See Also:
Package list:	dev-lang/rust-1.34.2 dev-lang/rust-bin-1.34.2 virtual/rust-1.34.2 virtual/cargo-1.34.2
Runtime testing required:	---

Flags:	stable-bot: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Georgy Yakovlev archtester

2019-05-14 17:59:47 UTC

The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. If the `Error::type_id` method is overridden then any type can be safely cast to any other type, causing memory safety vulnerabilities in safe code (e.g., out-of-bounds write or read). Code that does not manually implement Error::type_id is unaffected.



Reproducible: Always

Comment 1 Georgy Yakovlev archtester

2019-05-14 18:01:53 UTC

changeset is tiny, we should fast-stable it, preparing bumps.
https://github.com/rust-lang/rust/compare/1.34.1...1.34.2

Comment 2 Larry the Git Cow gentoo-dev

2019-05-14 18:19:49 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d02d88f7b18fac92b8e9188c04577efcc202fd35

commit d02d88f7b18fac92b8e9188c04577efcc202fd35
Author:     Georgy Yakovlev <gyakovlev@gentoo.org>
AuthorDate: 2019-05-14 17:55:32 +0000
Commit:     Georgy Yakovlev <gyakovlev@gentoo.org>
CommitDate: 2019-05-14 18:19:23 +0000

    virtual/cargo: bump to 1.34.2
    
    Bug: https://bugs.gentoo.org/685970
    Package-Manager: Portage-2.3.66, Repoman-2.3.12
    Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>

 virtual/cargo/cargo-1.34.2.ebuild | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=64716a9c2f8acdea15b44377ffd9828e4d0320d4

commit 64716a9c2f8acdea15b44377ffd9828e4d0320d4
Author:     Georgy Yakovlev <gyakovlev@gentoo.org>
AuthorDate: 2019-05-14 17:54:50 +0000
Commit:     Georgy Yakovlev <gyakovlev@gentoo.org>
CommitDate: 2019-05-14 18:19:22 +0000

    virtual/rust: bump to 1.34.2
    
    Bug: https://bugs.gentoo.org/685970
    Package-Manager: Portage-2.3.66, Repoman-2.3.12
    Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>

 virtual/rust/rust-1.34.2.ebuild | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7eb49e5a05b5832684f17a3a6e61d1588c2e19b8

commit 7eb49e5a05b5832684f17a3a6e61d1588c2e19b8
Author:     Georgy Yakovlev <gyakovlev@gentoo.org>
AuthorDate: 2019-05-14 17:53:27 +0000
Commit:     Georgy Yakovlev <gyakovlev@gentoo.org>
CommitDate: 2019-05-14 18:19:21 +0000

    dev-lang/rust: security bump to 1.34.2
    
    Bug: https://bugs.gentoo.org/685970
    Package-Manager: Portage-2.3.66, Repoman-2.3.12
    Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>

 dev-lang/rust/Manifest           |   1 +
 dev-lang/rust/rust-1.34.2.ebuild | 328 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 329 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=aa694fd5b0e54da0e24fefac770f2ce696f36ad7

commit aa694fd5b0e54da0e24fefac770f2ce696f36ad7
Author:     Georgy Yakovlev <gyakovlev@gentoo.org>
AuthorDate: 2019-05-14 17:52:03 +0000
Commit:     Georgy Yakovlev <gyakovlev@gentoo.org>
CommitDate: 2019-05-14 18:19:20 +0000

    dev-lang/rust-bin: security bump to 1.34.2
    
    Bug: https://bugs.gentoo.org/685970
    Package-Manager: Portage-2.3.66, Repoman-2.3.12
    Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>

 dev-lang/rust-bin/Manifest               |  13 +++
 dev-lang/rust-bin/rust-bin-1.34.2.ebuild | 171 +++++++++++++++++++++++++++++++
 2 files changed, 184 insertions(+)

Comment 3 Mikle Kolyada (RETIRED) archtester

2019-05-15 14:52:22 UTC

amd64 stable

Comment 4 Thomas Deutschmann (RETIRED) gentoo-dev

2019-05-16 23:58:13 UTC

x86 stable

Comment 5 Larry the Git Cow gentoo-dev

2019-05-17 00:15:27 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=930bbe80a6e12d45b9e75e722412942be8e72592

commit 930bbe80a6e12d45b9e75e722412942be8e72592
Author:     Georgy Yakovlev <gyakovlev@gentoo.org>
AuthorDate: 2019-05-17 00:14:20 +0000
Commit:     Georgy Yakovlev <gyakovlev@gentoo.org>
CommitDate: 2019-05-17 00:14:20 +0000

    dev-lang/rust: drop vulnerable
    
    Bug: https://bugs.gentoo.org/685970
    Package-Manager: Portage-2.3.66, Repoman-2.3.12
    Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>

 dev-lang/rust/Manifest              |   2 -
 dev-lang/rust/rust-1.34.0-r2.ebuild | 328 ------------------------------------
 dev-lang/rust/rust-1.34.1.ebuild    | 328 ------------------------------------
 3 files changed, 658 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9f1e1780a767315efe548dc84769b31c6aea08e6

commit 9f1e1780a767315efe548dc84769b31c6aea08e6
Author:     Georgy Yakovlev <gyakovlev@gentoo.org>
AuthorDate: 2019-05-17 00:13:45 +0000
Commit:     Georgy Yakovlev <gyakovlev@gentoo.org>
CommitDate: 2019-05-17 00:13:45 +0000

    dev-lang/rust-bin: drop vulnerable
    
    Bug: https://bugs.gentoo.org/685970
    Package-Manager: Portage-2.3.66, Repoman-2.3.12
    Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>

 dev-lang/rust-bin/Manifest                  |  26 -----
 dev-lang/rust-bin/rust-bin-1.34.0-r1.ebuild | 160 --------------------------
 dev-lang/rust-bin/rust-bin-1.34.1.ebuild    | 171 ----------------------------
 3 files changed, 357 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d04363c762bbd607fac205da35c61d5f87bdc795

commit d04363c762bbd607fac205da35c61d5f87bdc795
Author:     Georgy Yakovlev <gyakovlev@gentoo.org>
AuthorDate: 2019-05-17 00:13:02 +0000
Commit:     Georgy Yakovlev <gyakovlev@gentoo.org>
CommitDate: 2019-05-17 00:13:02 +0000

    virtual/cargo: drop vulnerable
    
    Bug: https://bugs.gentoo.org/685970
    Package-Manager: Portage-2.3.66, Repoman-2.3.12
    Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>

 virtual/cargo/cargo-1.34.0.ebuild | 17 -----------------
 virtual/cargo/cargo-1.34.1.ebuild | 17 -----------------
 2 files changed, 34 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0b061362542b901bcd075f80d4c861a0f8130468

commit 0b061362542b901bcd075f80d4c861a0f8130468
Author:     Georgy Yakovlev <gyakovlev@gentoo.org>
AuthorDate: 2019-05-17 00:12:29 +0000
Commit:     Georgy Yakovlev <gyakovlev@gentoo.org>
CommitDate: 2019-05-17 00:12:29 +0000

    virtual/rust: drop vulnerable
    
    Bug: https://bugs.gentoo.org/685970
    Package-Manager: Portage-2.3.66, Repoman-2.3.12
    Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>

 virtual/rust/rust-1.34.0.ebuild | 15 ---------------
 virtual/rust/rust-1.34.1.ebuild | 15 ---------------
 2 files changed, 30 deletions(-)

Comment 6 Georgy Yakovlev archtester

2019-05-17 00:16:12 UTC

tree clean of vulnerable versions.
leaving bug open for security