/
DirectorySecurity Advisories
Sign In
Security Advisories

GHSA-jcr6-4frq-9gjj

Published

Last updated

https://github.com/advisories/GHSA-jcr6-4frq-9gjj

Summary

Users vulnerable to unaligned read of *const *const c_char pointer

Description

Affected versions dereference a potentially unaligned pointer. The pointer is commonly unaligned in practice, resulting in undefined behavior.

In some build modes, this is observable as a panic followed by abort. In other build modes the UB may manifest in some other way, including the possibility of working correctly in some architectures.

The crate is not currently maintained, so a patched version is not available.

Recommended alternatives

  • uzers (an actively maintained fork of the users crate)
  • sysinfo

References

  • https://github.com/advisories/GHSA-jcr6-4frq-9gjj
  • https://github.com/ogham/rust-users/issues/55
  • https://github.com/ogham/rust-users
  • https://rustsec.org/advisories/RUSTSEC-2023-0059.html

Affected packages

Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images

Why Chainguard

Container Image SecurityVulnerability RemediationCompliance and Risk MitigationSoftware Supply Chain SecurityAI/ML Security

Customers

Customer StoriesChainguard Love

Company

About UsPricingOpen SourceCareersNewsroomLegal

Resources

Unchained BlogEventsTrust CenterDocumentation