Fedora Account System
Red Hat Associate
Red Hat Customer
The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. If the `Error::type_id` method is overridden then any type can be safely cast to any other type, causing memory safety vulnerabilities in safe code (e.g., out-of-bounds write or read). Code that does not manually implement Error::type_id is unaffected. External References: https://blog.rust-lang.org/2019/05/13/Security-advisory.html
Created rust tracking bugs for this issue: Affects: epel-7 [bug 1709712] Affects: fedora-29 [bug 1709710] Affects: fedora-30 [bug 1709711]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.