Bug #20269 (closed): Vulnerability in tokio
Status: Released
Priority: N/A
Assignee:
Category: Relay server or API
Target version:
Pull Request:
Severity:
UX impact:
User visibility:
Effort required:
Priority: 0
Name check: To do
Fix check: Checked
Regression:
Description
error[A001]: Data race when sending and receiving after closing a `oneshot` channel
    ┌─ /srv/jenkins/workspace/pendencies_branches_rudder_6.1_3/relay/sources/relayd/Cargo.lock:205:1
    │
205 │ tokio 0.1.22 registry+https://github.com/rust-lang/crates.io-index
    │ ------------------------------------------------------------------ security vulnerability detected
    │
    = ID: RUSTSEC-2021-0124
    = Advisory: https://rustsec.org/advisories/RUSTSEC-2021-0124
    = If a `tokio::sync::oneshot` channel is closed (via the
      [`oneshot::Receiver::close`] method), a data race may occur if the
      `oneshot::Sender::send` method is called while the corresponding
      `oneshot::Receiver` is `await`ed or calling `try_recv`.

      When these methods are called concurrently on a closed channel, the two halves
      of the channel can concurrently access a shared memory location, resulting in a
      data race. This has been observed to [cause memory corruption][corruption].

      Note that the race only occurs when **both** halves of the channel are used
      after the `Receiver` half has called `close`. Code where `close` is not used, or where the
      `Receiver` is not `await`ed and `try_recv` is not called after calling `close`,
      is not affected.

      See [tokio#4225][issue] for more details.

      [corruption]: https://github.com/tokio-rs/tokio/issues/4225#issuecomment-967434847
      [issue]: https://github.com/tokio-rs/tokio/issues/4225
      [`oneshot::Receiver::close`]: https://docs.rs/tokio/1.14.0/tokio/sync/oneshot/struct.Receiver.html#method.close
    = Announcement: https://github.com/tokio-rs/tokio/issues/4225
    = Solution: Upgrade to >=1.8.4, <1.9.0 OR >=1.13.1
    = tokio v0.1.22
      ├── hyper v0.12.36
      │   ├── hyper-tls v0.3.2
      │   │   └── reqwest v0.9.24
      │   │       └── relayd v0.0.0-dev
      │   ├── relayd v0.0.0-dev (*)
      │   ├── reqwest v0.9.24 (*)
      │   └── warp v0.1.22
      │       └── relayd v0.0.0-dev (*)
      ├── inotify v0.7.0
      │   └── relayd v0.0.0-dev (*)
      ├── relayd v0.0.0-dev (*)
      ├── reqwest v0.9.24 (*)
      └── warp v0.1.22 (*)
Updated by Alexis Mousset almost 3 years ago
- Status changed from New to In progress
- Assignee set to Alexis Mousset
Updated by Alexis Mousset almost 3 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from Alexis Mousset to Benoît PECCATTE
- Pull Request set to https://github.com/Normation/rudder/pull/3995
Updated by Alexis Mousset almost 3 years ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder|1d8fa8d1b9ddf02b7b05a7573cc9e8a8a426bca9.
Updated by Alexis Mousset almost 3 years ago
- Fix check changed from To do to Checked
Updated by Vincent MEMBRÉ almost 3 years ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 6.1.18, 6.2.12 and 7.0.0~rc2 which were released today.