If ReadAsync is cancelled while the producer is allocating memory using GetMemory, subsequent ReadAsync calls never block, even if no new data is available, causing a tight loop. ReadAsync starts blocking again when the producer calls FlushAsync. Only consumers that do not observe the IsCanceled flag on ReadResult are affected. .NET Core ≤ 4.5.0 is believed to be vulnerable.
Acknowledgments: Name: Microsoft
External Reference: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8409
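A consumer read loop that observes `ReadResult.IsCanceled`, the pattern the description says is not affected. This is an added example, not code from the advisory or from Microsoft; `Program`, `ConsumeAsync` and the sample payload are constructed for illustration.

```csharp
using System;
using System.Buffers;
using System.IO.Pipelines;
using System.Text;
using System.Threading.Tasks;

static class Program
{
    // Hypothetical consumer: checks IsCanceled on every ReadResult and stops
    // reading instead of immediately calling ReadAsync again.
    static async Task<long> ConsumeAsync(PipeReader reader)
    {
        long total = 0;
        try
        {
            while (true)
            {
                ReadResult result = await reader.ReadAsync();
                ReadOnlySequence<byte> buffer = result.Buffer;
                total += buffer.Length;

                // Mark everything consumed and examined so the next
                // ReadAsync waits for newly flushed data.
                reader.AdvanceTo(buffer.End);

                // A cancelled read (CancelPendingRead) ends the loop here;
                // a consumer that ignores the flag would call ReadAsync again.
                if (result.IsCanceled || result.IsCompleted)
                    break;
            }
        }
        finally { reader.Complete(); }
        return total;
    }

    static async Task Main()
    {
        var pipe = new Pipe();
        Task<long> consumer = ConsumeAsync(pipe.Reader);

        byte[] payload = Encoding.ASCII.GetBytes("sample"); // constructed input
        payload.CopyTo(pipe.Writer.GetMemory(payload.Length));
        pipe.Writer.Advance(payload.Length);
        await pipe.Writer.FlushAsync();

        pipe.Writer.GetMemory(16);        // producer starts its next chunk
        pipe.Reader.CancelPendingRead();  // read is cancelled before any flush
        Console.WriteLine($"consumer stopped after {await consumer} bytes");
        pipe.Writer.Complete();
    }
}
```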
This was shipped and can be closed.