This project contains known security vulnerabilities. Find detailed information at the bottom.

Crate bugreport


(2 total, 1 outdated, 1 insecure)

 snailquote^ to date

Security Vulnerabilities

sys-info: Double free when calling `sys_info::disk_info` from multiple threads


Affected versions of sys-info use a static, global, list to store temporary disk information while running. The function that cleans up this list, DFCleanup, assumes a single threaded environment and will try to free the same memory twice in a multithreaded environment.

This results in consistent double-frees and segfaults when calling sys_info::disk_info from multiple threads at once.

The issue was fixed by moving the global variable into a local scope.

Safer Alternatives: