Miggo Logo

CVE-2019-16139:
Out of bounds access in compact_arena

9.8

CVSS Score

Basic Information

EPSS Score
-
Published
8/25/2021
Updated
6/13/2023
KEV Status
No
Technology
TechnologyRust

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
compact_arenarust< 0.4.00.4.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from improper generativity implementation in arena creation. The RustSec advisory explicitly lists SmallArena::new as a vulnerable function. The new() method's failure to properly establish invariant lifetimes allowed arena instances to share compatible type signatures, enabling index mixing between arenas. This matches the CWE-125/787 descriptions of out-of-bounds access and the reproduction example showing arena index cross-use.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*****t** v*rsions o* t*is *r*t* *i* not prop*rly impl*m*nt t** **n*r*tivity, ****us* t** inv*ri*nt li**tim*s w*r* not n***ss*rily *ropp**. T*is *llows *n *tt**k*r to mix up two *r*n*s, usin* in*i**s *r**t** *rom on* *r*n* wit* *not**r on*. T*is mi**

Reasoning

T** vuln*r**ility st*ms *rom improp*r **n*r*tivity impl*m*nt*tion in *r*n* *r**tion. T** RustS** **visory *xpli*itly lists Sm*ll*r*n*::n*w *s * vuln*r**l* *un*tion. T** n*w() m*t*o*'s **ilur* to prop*rly *st**lis* inv*ri*nt li**tim*s *llow** *r*n* in