{"id":"RUSTSEC-2019-0022","summary":"Stream callback function is not unwind safe","details":"Affected versions of this crate is not panic safe within callback functions `stream_callback` and `stream_finished_callback`.\n\nThe call to user-provided closure might panic before a `mem::forget` call, which then causes a use after free that grants attacker to control the callback function pointer.\n\nThis allows an attacker to construct an arbitrary code execution .\n \nThe flaw was reported by Phosphorus15.","aliases":["CVE-2019-16881","GHSA-qpjr-ch72-2qq4"],"modified":"2023-11-08T04:01:22.139199Z","published":"2019-09-14T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/portaudio-rs"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2019-0022.html"},{"type":"REPORT","url":"https://github.com/mvdnes/portaudio-rs/issues/20"}],"affected":[{"package":{"name":"portaudio-rs","ecosystem":"crates.io","purl":"pkg:cargo/portaudio-rs"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0-0"},{"fixed":"0.3.2-0"}]}],"ecosystem_specific":{"affected_functions":null,"affects":{"functions":[],"arch":[],"os":[]}},"database_specific":{"cvss":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2019-0022.json","informational":null,"categories":["code-execution","memory-corruption"]}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}