CVE-2021-45710

Published: 27 December 2021

An issue was discovered in the tokio crate before 1.8.4, and 1.9.x through 1.13.x before 1.13.1, for Rust. In certain circumstances involving a closed oneshot channel, there is a data race and memory corruption.

Priority

CVSS 3 base score: 8.1

Status

Package	Release	Status
rust-tokio Launchpad, Ubuntu, Debian	bionic	Does not exist
	focal	Needed
	hirsute	Ignored (reached end-of-life)
	impish	Needed
	jammy	Needed
	trusty	Ignored (out of standard support)
	upstream	Needs triage
	xenial	Ignored (out of standard support)

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45710
https://rustsec.org/advisories/RUSTSEC-2021-0124.html
https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/tokio/RUSTSEC-2021-0124.md
NVD
Launchpad
Debian

Bugs

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›