CVE-2022-21658

CWE-363 CWE-367 CWE-476 — NULL Pointer Dereference11 documents7 sources

Severity

6.3MEDIUM

EPSS

0.9%

top 24.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Rust-lang Rust Apple Ipados Apple Iphone OS +4 more

Timeline

PublishedJan 20

Latest updateMar 14

Description

Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the `std::fs::remove_dir_all` standard library function is vulnerable a race condition enabling symlink following (CWE-363). An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn't otherwise access or delete. Rust 1.0.0 through Rust 1.58.0 is affect…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:HExploitability: 2.0 | Impact: 4.7

Affected Packages8 packages

▶CVEListV5rust-lang/rust< 1.58.1

▶Debianrustc< 1.57.0+dfsg1-1+2

▶NVDrust-lang/rust1.0.0 — 1.58.0

▶NVDapple/macos12.0.0 — 12.3

▶NVDapple/tvos< 15.4

Also affects: Fedora 34, 35

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

CVEList

Race condition in std::fs::remove_dir_all in rustlang↗2022-01-20

▶

OSV

CVE-2022-21658: Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency↗2022-01-20

▶

📋Vendor Advisories

Apple

CVE-2022-21658: tvOS 15.4↗2022-03-14

▶

Apple

CVE-2022-21658: iOS 15.4 and iPadOS 15.4↗2022-03-14

▶

Apple

CVE-2022-21658: macOS Monterey 12.3↗2022-03-14

▶

Apple

CVE-2022-21658: watchOS 8.5↗2022-03-14

▶

Red Hat

rust: Race condition in remove_dir_all leading to removal of files outside of the directory being removed↗2022-01-20

▶