N/A

CVSS Score

-

CVSS Score

Basic Information

CVE ID

GHSA ID

GHSA-9g55-pg62-m8hh

EPSS Score

CWE

Published

6/16/2022

Updated

1/12/2023

KEV Status

Technology

Rust

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

GHSA-9g55-pg62-m8hh

GHSA-9g55-pg62-m8hh: Channel creates zero value of any type

Affected versions of this crate called mem::zeroed() to create values of a user-supplied type T. This is unsound e.g. if T is a reference type (which must be non-null).

The flaw was corrected by avoiding the use of mem::zeroed(), using MaybeUninit instead.

(GitHub Advisory)

Miggo Vulnerability Database

→

GHSA-9g55-pg62-m8hh

GHSA-9g55-pg62-m8hh:

N/A

CVSS Score

-

CVSS Score

Basic Information

CVE ID

GHSA ID

GHSA-9g55-pg62-m8hh

EPSS Score

CWE

Published

6/16/2022

Updated

1/12/2023

KEV Status

Technology

Rust

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
crossbeam-channel	rust	< 0.4.3	0.4.3

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stemmed from using mem::zeroed() to initialize generic types. The GitHub PR #458 specifically replaced mem::zeroed() with MaybeUninit in these locations. The Channel constructor and Block::new functions were directly handling user-supplied types T and contained the unsafe zero-initialization pattern described in the advisory. The array flavor implementation was identified as the affected component through the vulnerability description and linked fix.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

N/A

-

Basic Information

Basic Information

Concerned about an active attack path?

GHSA-9g55-pg62-m8hh: Channel creates zero value of any type

GHSA-9g55-pg62-m8hh:

N/A

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Basic Information

Basic Information

N/A

N/A

Technical Details

GHSA-9g55-pg62-m8hh: Channel creates zero value of any type

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI