Home > Vulnerability Database > WS-2020-0453

Mend.io Vulnerability Database

WS-2020-0453

Good to know:

Date: November 3, 2024

In pnet_packet before 0.27.2, a buffer overrun is possible in the set_payload setter of the various mutable "Packet" struct setters. The offending set_payload functions were defined within the struct impl blocks in earlier versions of the package, and later by the packet macro.

Language: RUST

Severity Score

6.0

Related Resources (6)

Url: https://github.com/libpnet/libpnet

Url: https://crates.io/crates/pnet_packet

Url: https://github.com/libpnet/libpnet/commit/dde31d26fd7b8ea23fbcb2928583a7882748e653

Url: https://rustsec.org/advisories/RUSTSEC-2020-0167.html

Url: https://github.com/libpnet/libpnet/issues/449

Url: https://www.mend.io/vulnerability-database/WS-2020-0453

Severity Score

6.0

Weakness Type (CWE)

Buffer Errors

CWE-119

Top Fix

Upgrade Version

Upgrade to version pnet_packet - 0.27.0

Learn More

CVSS v3.1

Base Score:	6.0
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	HIGH
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

WS-2020-0453

Good to know:

Date: November 3, 2024

Language: RUST

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?