5.5

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-35915

GHSA ID

GHSA-4hjg-cx88-g9f9

EPSS Score

0.16858%

CWE

CWE-362

Published

8/25/2021

Updated

6/13/2023

KEV Status

Technology

Rust

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2020-35915

CVE-2020-35915: Data races in futures-intrusive

GenericMutexGuard<T> was given the Sync auto trait as long as T is Send due to its contained members. However, since the guard is supposed to represent an acquired lock and allows concurrent access to the underlying data from different threads, it should only be Sync when the underlying data is.

This is a soundness issue and allows data races, potentially leading to crashes and segfaults from safe Rust code.

The flaw was corrected by adding a T: Send + Sync bound for GenericMutexGuard's Sync trait.

(GitHub Advisory)

5.5

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-35915

GHSA ID

GHSA-4hjg-cx88-g9f9

EPSS Score

0.16858%

CWE

CWE-362

Published

8/25/2021

Updated

6/13/2023

KEV Status

Technology

Rust

Technical Details

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
futures-intrusive	rust	< 0.4.0	0.4.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from improper Sync trait implementation on GenericMutexGuard. The original implementation only required T: Send for Sync, but should have required T: Send + Sync to prevent cross-thread sharing of guarded data that isn't thread-safe. This allowed sending Sync-marked guards containing non-Sync types like Cell to different threads, enabling data races through safe code as demonstrated in the PoC. The trait implementation itself (not a specific function) was the vulnerable component, but we represent it as the Sync trait impl in the structure's definition.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

**n*ri*Mut*x*u*r*<T> w*s *iv*n t** Syn* *uto tr*it *s lon* *s T is S*n* *u* to its *ont*in** m*m**rs. *ow*v*r, sin** t** *u*r* is suppos** to r*pr*s*nt *n **quir** lo*k *n* *llows *on*urr*nt ****ss to t** un**rlyin* **t* *rom *i***r*nt t*r***s, it s*

Reasoning

T** vuln*r**ility st*ms *rom improp*r Syn* tr*it impl*m*nt*tion on **n*ri*Mut*x*u*r*. T** ori*in*l impl*m*nt*tion only r*quir** T: S*n* *or Syn*, *ut s*oul* **v* r*quir** T: S*n* + Syn* to pr*v*nt *ross-t*r*** s**rin* o* *u*r*** **t* t**t isn't t*r**

5.5

Basic Information

Concerned about an active attack path?

CVE-2020-35915: Data races in futures-intrusive

5.5

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI