Vulnerability Description
rust-vmm vm-memory before 0.1.1 and 0.2.x before 0.2.1 allows attackers to cause a denial of service (loss of IP networking) because read_obj and write_obj do not properly access memory. This affects aarch64 (with musl or glibc) and x86_64 (with musl).
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vm-Memory Project | Vm-Memory | < 0.1.1 |
Related Weaknesses (CWE)
References
- https://github.com/rust-vmm/vm-memory/issues/93Technical Description
- https://github.com/rust-vmm/vm-memory/releases/tag/v0.1.1Release NotesThird Party Advisory
- https://github.com/rust-vmm/vm-memory/releases/tag/v0.2.1Release NotesThird Party Advisory
- https://github.com/rust-vmm/vm-memory/issues/93Technical Description
- https://github.com/rust-vmm/vm-memory/releases/tag/v0.1.1Release NotesThird Party Advisory
- https://github.com/rust-vmm/vm-memory/releases/tag/v0.2.1Release NotesThird Party Advisory
FAQ
What is CVE-2020-13759?
CVE-2020-13759 is a vulnerability with a CVSS score of 7.5 (HIGH). rust-vmm vm-memory before 0.1.1 and 0.2.x before 0.2.1 allows attackers to cause a denial of service (loss of IP networking) because read_obj and write_obj do not properly access memory. This affects ...
How severe is CVE-2020-13759?
CVE-2020-13759 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-13759?
Check the references section above for vendor advisories and patch information. Affected products include: Vm-Memory Project Vm-Memory.