Deps.rs

rcore-os / zcore

[![dependency status](https://deps.rs/repo/github/rcore-os/zcore/status.svg)](https://deps.rs/repo/github/rcore-os/zcore)

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate zcore-drivers

Dependencies

(7 total, 3 outdated)

CrateRequiredLatestStatus
 log^0.40.4.27up to date
 cfg-if^1.01.0.0up to date
 bitflags^1.32.9.0out of date
 lazy_static^1.41.5.0up to date
 numeric-enum-macro^0.20.2.0up to date
 d1-pac^0.0.270.0.32out of date
 volatile^0.30.6.1out of date

Crate kernel-hal

Dependencies

(11 total, 4 outdated)

CrateRequiredLatestStatus
 log^0.40.4.27up to date
 spin^0.90.10.0out of date
 cfg-if^1.01.0.0up to date
 bitflags^1.32.9.0out of date
 trapframe^0.9.00.10.0out of date
 git-version^0.30.3.9up to date
 numeric-enum-macro^0.20.2.0up to date
 lazy_static^1.41.5.0up to date
 nix^0.230.29.0out of date
 tempfile^33.19.1up to date
 async-std^1.101.13.1up to date

Crate zircon-object

Dependencies

(9 total, 4 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 bitflags^1.32.9.0out of date
 log^0.40.4.27up to date
 hashbrown^0.90.15.2out of date
 downcast-rs^1.22.0.1out of date
 numeric-enum-macro^0.20.2.0up to date
 futures^0.30.3.31up to date
 xmas-elf ⚠️^0.70.10.0out of date
 lazy_static^1.41.5.0up to date
 cfg-if^1.01.0.0up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 async-std^1.101.13.1up to date

Crate zircon-syscall

Dependencies

(5 total, 1 outdated)

CrateRequiredLatestStatus
 log^0.40.4.27up to date
 bitflags^1.32.9.0out of date
 numeric-enum-macro^0.20.2.0up to date
 futures^0.30.3.31up to date
 cfg-if^1.01.0.0up to date

Crate linux-object

Dependencies

(9 total, 4 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 async-trait^0.10.1.88up to date
 log^0.40.4.27up to date
 xmas-elf ⚠️^0.70.10.0out of date
 bitflags^1.32.9.0out of date
 hashbrown^0.90.15.2out of date
 numeric-enum-macro^0.20.2.0up to date
 downcast-rs^1.22.0.1out of date
 lazy_static^1.41.5.0up to date
 cfg-if^1.01.0.0up to date

Crate linux-syscall

Dependencies

(7 total, 2 outdated)

CrateRequiredLatestStatus
 log^0.40.4.27up to date
 bitflags^1.32.9.0out of date
 numeric-enum-macro^0.20.2.0up to date
 static_assertions^1.1.01.1.0up to date
 lazy_static^1.41.5.0up to date
 bitvec^0.221.0.1out of date
 futures^0.30.3.31up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 async-std^1.101.13.1up to date

Crate zcore-loader

Dependencies

(3 total, 1 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 log^0.40.4.27up to date
 cfg-if^1.01.0.0up to date
 xmas-elf ⚠️^0.70.10.0out of date

Dev dependencies

(2 total, 1 outdated)

CrateRequiredLatestStatus
 env_logger^0.90.11.8out of date
 async-std^1.101.13.1up to date

Crate zcore

Dependencies

(4 total, 1 outdated)

CrateRequiredLatestStatus
 log^0.40.4.27up to date
 cfg-if^1.01.0.0up to date
 spin^0.9.40.10.0out of date
 customizable-buddy^0.0.30.0.3up to date

Crate z-config

Dependencies

(3 total, 1 outdated)

CrateRequiredLatestStatus
 serde^1.01.0.219up to date
 serde_derive^1.01.0.219up to date
 toml^0.5.90.8.20out of date

Crate xtask

Dependencies

(6 total, 1 outdated)

CrateRequiredLatestStatus
 clap^4.04.5.36up to date
 dircpy^0.30.3.19up to date
 rand^0.80.9.1out of date
 once_cell^1.15.01.21.3up to date
 num_cpus^11.16.0up to date
 os-xtask-utils^0.0.00.0.0up to date

Security Vulnerabilities

xmas-elf: Potential out-of-bounds read with a malformed ELF file and the HashTable API.

RUSTSEC-2025-0018

Affected versions of this crate only validated the index argument of HashTable::get_bucket and HashTable::get_chain against the input-controlled bucket_count and chain_count fields, but not against the size of the ELF section. As a result, a malformed ELF file could trigger out-of-bounds reads in a consumer of the HashTable API by setting these fields to inappropriately large values that would fall outside the relevant hash table section, and by introducing correspondingly out-of-bounds hash table indexes elsewhere in the ELF file.