Description
rust-vmm vm-memory before 0.1.1 and 0.2.x before 0.2.1 allows attackers to cause a denial of service (loss of IP networking) because read_obj and write_obj do not properly access memory. This affects aarch64 (with musl or glibc) and x86_64 (with musl).
Scores
CVSS v3
7.5
EPSS
0.0039
EPSS Percentile
59.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-662
CWE-362
Status
published
Products (2)
crates.io/vm-memory
0 - 0.1.1crates.io
vm-memory_project/vm-memory
< 0.1.1
Published
Jun 02, 2020
Tracked Since
Feb 18, 2026