Candidate: CVE-2019-16137
PublicDate: 2019-09-09 12:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16137
 https://rustsec.org/advisories/RUSTSEC-2019-0013.html
 https://github.com/mvdnes/spin-rs/issues/65
Description:
 An issue was discovered in the spin crate before 0.5.2 for Rust, when
 RwLock is used. Because memory ordering is mishandled, two writers can
 acquire the lock at the same time, violating mutual exclusion.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]


Patches_rust-spin:
upstream_rust-spin: released (0.5.2-1)
precise/esm_rust-spin: DNE
trusty_rust-spin: ignored (out of standard support)
trusty/esm_rust-spin: DNE
xenial_rust-spin: DNE
bionic_rust-spin: DNE
disco_rust-spin: ignored (reached end-of-life)
eoan_rust-spin: not-affected (0.5.2-1)
devel_rust-spin: not-affected (0.5.2-1)