
GHSA-6692-8qqf-79jc: `Read` on uninitialized buffer may cause UB ('tectonic_xdv' crate)

CVSS Score: N/A

Basic Information

CVE ID: -
EPSS Score: -
CWE: -
Published: 6/17/2022
Updated: 6/13/2023
KEV Status: No
Technology: Rust

Technical Details

CVSS Vector: -

Package Name   Ecosystem   Vulnerable Versions   First Patched Version
tectonic_xdv   rust        < 0.1.12              0.1.12

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability stems from the buffer initialization pattern shown in the commit diff. The original code used Vec::with_capacity() followed by an unsafe set_len() to create an uninitialized buffer, which was then passed to Read::read(). This matches the exact scenario described in the advisory: passing uninitialized buffers to user-provided Read implementations. The fixed commit replaced this with vec![0; BUF_SIZE], proving the vulnerable code was in this specific function. The XdvParser::process method is clearly identified as the location where the unsafe buffer handling occurred before the patch.
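The following is an added example, not code from the tectonic_xdv crate or from the fixing commit. It shows the hardened pattern the analysis above describes (a zero-initialised `vec![0; BUF_SIZE]` handed to an arbitrary `Read`) together with the second check a defender wants around such a call: never trusting the byte count a `Read` implementation returns. The `BUF_SIZE` value, the `read_chunk`/`read_all_chunked` functions and the two constructed reader types are assumptions made for this illustration and do not correspond to names in the crate.

```rust
use std::io::{self, Cursor, Read};

/// Hypothetical chunk size for this example; the crate's own BUF_SIZE
/// constant is not reproduced here.
const BUF_SIZE: usize = 16;

/// Read up to BUF_SIZE bytes from any `Read` implementation into a freshly
/// zero-initialised buffer (the `vec![0; BUF_SIZE]` pattern the fix adopted),
/// and validate the count the reader claims before acting on it.
pub fn read_chunk<R: Read>(reader: &mut R) -> io::Result<Vec<u8>> {
    // Every byte is initialised before the reader sees the slice, so a reader
    // that inspects its buffer can only ever observe zeros, never stale memory.
    let mut buf = vec![0u8; BUF_SIZE];
    let n = reader.read(&mut buf)?;
    // A `Read` impl may be buggy or hostile about the count it returns; never
    // index past the buffer on the strength of that number.
    if n > buf.len() {
        return Err(io::Error::new(
            io::ErrorKind::InvalidData,
            "reader reported more bytes than the buffer holds",
        ));
    }
    buf.truncate(n);
    Ok(buf)
}

/// Drain a reader chunk by chunk until it reports end of input (n == 0).
pub fn read_all_chunked<R: Read>(reader: &mut R) -> io::Result<Vec<Vec<u8>>> {
    let mut chunks = Vec::new();
    loop {
        let chunk = read_chunk(reader)?;
        if chunk.is_empty() {
            break;
        }
        chunks.push(chunk);
    }
    Ok(chunks)
}

/// Constructed misbehaving reader: writes nothing but claims to have filled
/// twice the buffer. Stands in for the "incorrect number of bytes" case.
pub struct LyingReader;

impl Read for LyingReader {
    fn read(&mut self, buf: &mut [u8]) -> io::Result<usize> {
        Ok(buf.len() * 2)
    }
}

/// Constructed reader that records whether the buffer it was handed contained
/// any non-zero byte before it wrote anything, i.e. whether stale contents
/// would have been observable (the memory-exposure case).
pub struct PeekingReader {
    pub saw_nonzero: bool,
}

impl Read for PeekingReader {
    fn read(&mut self, buf: &mut [u8]) -> io::Result<usize> {
        self.saw_nonzero = buf.iter().any(|&b| b != 0);
        Ok(0)
    }
}

fn main() -> io::Result<()> {
    // Constructed sample input: 40 bytes, which splits into chunks of 16, 16 and 8.
    let data: Vec<u8> = (0..40u8).collect();
    let chunks = read_all_chunked(&mut Cursor::new(data))?;
    println!("chunk sizes: {:?}", chunks.iter().map(Vec::len).collect::<Vec<_>>());

    match read_chunk(&mut LyingReader) {
        Ok(_) => println!("lying reader was trusted (unexpected)"),
        Err(e) => println!("lying reader rejected: {e}"),
    }

    let mut peek = PeekingReader { saw_nonzero: false };
    read_chunk(&mut peek)?;
    println!("reader observed stale bytes: {}", peek.saw_nonzero);
    Ok(())
}
```

The two checks are independent: zero-initialising the buffer removes the memory-exposure half of the advisory, and bounding `n` by `buf.len()` removes the out-of-bounds half that a wrong return value would otherwise cause when the caller slices `buf[..n]`.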


WAF Protection Rules

WAF Rule

Affected versions of this crate pass an uninitialized buffer to a user-provided `Read` implementation. Arbitrary `Read` implementations can read from the uninitialized buffer (memory exposure) and can also return an incorrect number of bytes written.
