9.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-36434

GHSA ID

GHSA-2f5j-3mhq-xv58

EPSS Score

0.61972%

CWE

CWE-415

Published

8/25/2021

Updated

6/13/2023

KEV Status

Technology

Rust

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2020-36434

CVE-2020-36434: Double free in sys-info

Affected versions of sys-info use a static, global, list to store temporary disk information while running. The function that cleans up this list, DFCleanup, assumes a single threaded environment and will try to free the same memory twice in a multithreaded environment. This results in consistent double-frees and segfaults when calling sys_info::disk_info from multiple threads at once. The issue was fixed by moving the global variable into a local scope.

(GitHub Advisory)

9.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-36434

GHSA ID

GHSA-2f5j-3mhq-xv58

EPSS Score

0.61972%

CWE

CWE-415

Published

8/25/2021

Updated

6/13/2023

KEV Status

Technology

Rust

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
sys-info	rust	< 0.8.0	0.8.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from the use of a static global variable (DFhashvector) in C code. DFCleanup() directly frees this global list without thread safety, causing double-frees when multiple threads invoke sys_info::disk_info(). get_disk_info() is the parent function that triggers DFCleanup(), making both functions critical to the vulnerability. The Rust function sys_info::disk_info() is the entry point but delegates to these unsafe C functions.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*****t** v*rsions o* sys-in*o us* * st*ti*, *lo**l, list to stor* t*mpor*ry *isk in*orm*tion w*il* runnin*. T** *un*tion t**t *l**ns up t*is list, ***l**nup, *ssum*s * sin*l* t*r***** *nvironm*nt *n* will try to *r** t** s*m* m*mory twi** in * multit

Reasoning

T** vuln*r**ility st*ms *rom t** us* o* * st*ti* *lo**l v*ri**l* (****s*v**tor) in * *o**. ***l**nup() *ir**tly *r**s t*is *lo**l list wit*out t*r*** s***ty, **usin* *ou*l*-*r**s w**n multipl* t*r***s invok* sys_in*o::*isk_in*o(). **t_*isk_in*o() is

9.8

Basic Information

Concerned about an active attack path?

CVE-2020-36434: Double free in sys-info

9.8

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI