CVE-2018-20992: Uninitialized memory exposure in claxon
CVSS Score: 6.5 (CVSS 3.0)
Basic Information
CVE ID
GHSA ID
EPSS Score: 0.52961%
CWE
Published: 8/25/2021
Updated: 6/13/2023
KEV Status: No
Technology: Rust
Technical Details
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
claxon | rust | >= 0.4.0, < 0.4.1 | 0.4.1 |
claxon | rust | < 0.3.2 | 0.3.2 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stems directly from the decode_residual function's handling of residual partitions:
- The original code calculated n_samples = block_size >> order without checking that block_size is divisible by 2^order
- When block_size wasn't a multiple of 2^order, this could create gaps between partitions
- The buffer slicing logic (buffer[start..start + len]) would then leave portions of the buffer uncovered, so those samples were never overwritten by the decoder
- The commit adds critical validation (block_size & (n_partitions - 1) == 0) to prevent this
- The patch modifies this specific function's partition math and adds error checking
- All vulnerability descriptions point to residual decoding as the attack vector
- No other functions are modified in the security-relevant commit diff
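
The partition arithmetic described above, as an added Rust example (not claxon's source and not code from the commit). It assumes partitions are laid out back to back and ignores predictor warm-up samples; `SENTINEL`, `fill_unchecked`, `fill_checked` and `stale_after_unchecked` are hypothetical names, and the sentinel is a safe stand-in for buffer contents the decoder never wrote.

```rust
// Added illustration, not claxon's source. SENTINEL stands in for stale,
// never-written buffer contents; writing 0 stands in for a decoded residual.
const SENTINEL: i32 = 0x5a5a_5a5a;

/// Partition layout as the page describes the pre-patch code: each of the
/// 2^order partitions gets block_size >> order samples, no divisibility check.
fn fill_unchecked(buffer: &mut [i32], block_size: u16, order: u32) {
    let n_partitions = 1usize << order;
    let n_samples = (block_size >> order) as usize;
    let mut start = 0;
    for _ in 0..n_partitions {
        for s in &mut buffer[start..start + n_samples] {
            *s = 0;
        }
        start += n_samples;
    }
}

/// Same layout, but rejecting block sizes that 2^order partitions cannot
/// tile exactly, using the check quoted on the page.
fn fill_checked(buffer: &mut [i32], block_size: u16, order: u32) -> Result<(), &'static str> {
    let n_partitions = 1u32 << order;
    if u32::from(block_size) & (n_partitions - 1) != 0 {
        return Err("block size is not a multiple of 2^order");
    }
    fill_unchecked(buffer, block_size, order);
    Ok(())
}

/// Number of samples that still hold the sentinel after the unchecked fill.
fn stale_after_unchecked(block_size: u16, order: u32) -> usize {
    let mut buffer = vec![SENTINEL; block_size as usize];
    fill_unchecked(&mut buffer, block_size, order);
    buffer.iter().filter(|&&s| s == SENTINEL).count()
}

fn main() {
    // Constructed inputs: 4096 is a multiple of 2^3, 4100 is not.
    for &(bs, order) in &[(4096u16, 3u32), (4100, 3)] {
        let mut buf = vec![SENTINEL; bs as usize];
        let checked = fill_checked(&mut buf, bs, order);
        println!("block_size={} order={} stale={} checked={:?}",
                 bs, order, stale_after_unchecked(bs, order), checked);
    }
}
```

With the constructed block size 4100 and order 3, the unchecked layout covers 8 × 512 = 4096 samples and leaves 4 untouched, while the checked version rejects the block before writing anything.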