CVE-2020-13759

HIGH

vm-memory < 0.1.1 and 0.2.x < 0.2.1 - Denial of Service via Improper Memory Access

Title source: llm
STIX 2.1

Description

rust-vmm vm-memory before 0.1.1 and 0.2.x before 0.2.1 allows attackers to cause a denial of service (loss of IP networking) because read_obj and write_obj do not properly access memory. This affects aarch64 (with musl or glibc) and x86_64 (with musl).

References (3)

Core 3
Core References
Technical Description x_refsource_misc
https://github.com/rust-vmm/vm-memory/issues/93
Release Notes, Third Party Advisory x_refsource_misc
https://github.com/rust-vmm/vm-memory/releases/tag/v0.1.1
Release Notes, Third Party Advisory x_refsource_misc
https://github.com/rust-vmm/vm-memory/releases/tag/v0.2.1

Scores

CVSS v3 7.5
EPSS 0.0160
EPSS Percentile 72.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-662 CWE-362
Status published
Products (2)
crates.io/vm-memory 0 - 0.1.1crates.io
vm-memory_project/vm-memory < 0.1.1
Published Jun 02, 2020
Tracked Since Feb 18, 2026