This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate pprof

Dependencies

(12 total, 5 outdated, 2 possibly insecure)

CrateRequiredLatestStatus
 backtrace^0.30.3.71up to date
 inferno^0.90.11.19out of date
 lazy_static^1.41.4.0up to date
 libc^0.2.660.2.153up to date
 log^0.40.4.21up to date
 nix ⚠️^0.160.28.0out of date
 prost^0.60.12.3out of date
 prost-derive^0.60.12.3out of date
 rustc-demangle^0.10.1.23up to date
 spin ⚠️^0.50.9.8out of date
 tempfile^3.13.10.1up to date
 thiserror^1.01.0.58up to date

Dev dependencies

(1 total, 1 outdated)

CrateRequiredLatestStatus
 rand^0.7.20.8.5out of date

Security Vulnerabilities

spin: Wrong memory orderings in RwLock potentially violates mutual exclusion

RUSTSEC-2019-0013

Wrong memory orderings inside the RwLock implementation allow for two writers to acquire the lock at the same time. The drop implementation used Ordering::Relaxed, which allows the compiler or CPU to reorder a mutable access on the locked data after the lock has been yielded.

Only users of the RwLock implementation are affected. Users of Once (including users of lazy_static with the spin_no_std feature enabled) are NOT affected.

On strongly ordered CPU architectures like x86, the only real way that this would lead to a memory corruption is if the compiler reorders an access after the lock is yielded, which is possible but in practice unlikely. It is a more serious issue on weakly ordered architectures such as ARM which, except in the presence of certain instructions, allow the hardware to decide which accesses are seen at what times. Therefore on an ARM system it is likely that using the wrong memory ordering would result in a memory corruption, even if the compiler itself doesn't reorder the memory accesses in a buggy way.

The flaw was corrected by https://github.com/mvdnes/spin-rs/pull/66.

nix: Out-of-bounds write in nix::unistd::getgrouplist

RUSTSEC-2021-0119

On certain platforms, if a user has more than 16 groups, the nix::unistd::getgrouplist function will call the libc getgrouplist function with a length parameter greater than the size of the buffer it provides, resulting in an out-of-bounds write and memory corruption.

The libc getgrouplist function takes an in/out parameter ngroups specifying the size of the group buffer. When the buffer is too small to hold all of the requested user's group memberships, some libc implementations, including glibc and Solaris libc, will modify ngroups to indicate the actual number of groups for the user, in addition to returning an error. The version of nix::unistd::getgrouplist in nix 0.16.0 and up will resize the buffer to twice its size, but will not read or modify the ngroups variable. Thus, if the user has more than twice as many groups as the initial buffer size of 8, the next call to getgrouplist will then write past the end of the buffer.

The issue would require editing /etc/groups to exploit, which is usually only editable by the root user.