CVE-2020-35892 – This vulnerability in the simple-slab Rust crat... (How to Fix)

Q: How do I fix CVE-2020-35892?

1. Update Cargo.toml to specify simple-slab version '>=0.3.3'. 2. Run 'cargo update' to fetch the patched version. 3. Rebuild and redeploy your application. 4. Restart any running services using the updated application.

Q: What is the severity of CVE-2020-35892?

CVE-2020-35892 has a CVSS score of 9.1 (CRITICAL). This vulnerability in the simple-slab Rust crate allows attackers to read memory outside the intended bounds of a data structure via the index() function. This affects any Rust application using vulnerable versions of simple-slab for memory management. The out-of-bounds read can expose sensitive information or crash applications.

📋 TL;DR

This vulnerability in the simple-slab Rust crate allows attackers to read memory outside the intended bounds of a data structure via the index() function. This affects any Rust application using vulnerable versions of simple-slab for memory management. The out-of-bounds read can expose sensitive information or crash applications.

💻 Affected Systems

Products:

simple-slab Rust crate

Versions: All versions before 0.3.3

Operating Systems: All operating systems running Rust applications

Default Config Vulnerable: ⚠️ Yes

Notes: Any Rust application that imports and uses simple-slab version <0.3.3 is vulnerable regardless of configuration.

📦 What is this software?

Simple Slab by Simple Slab Project

View all CVEs affecting Simple Slab →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Information disclosure of sensitive memory contents including passwords, keys, or other application data, potentially leading to full system compromise if combined with other vulnerabilities.

🟠

Likely Case

Application crashes (denial of service) or exposure of non-sensitive memory contents, potentially enabling further exploitation.

🟢

If Mitigated

Limited impact if proper memory isolation and sandboxing are in place, though information leakage may still occur.

🌐 Internet-Facing: HIGH - Any internet-facing service using vulnerable simple-slab could be exploited to read memory contents or cause crashes.

🏢 Internal Only: MEDIUM - Internal applications are less exposed but still vulnerable to authenticated or insider attacks.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

The vulnerability is straightforward to exploit by calling index() with out-of-bounds parameters. Public advisories include exploitation details.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.3.3

Vendor Advisory: https://rustsec.org/advisories/RUSTSEC-2020-0039.html

Restart Required: Yes

Instructions:

1. Update Cargo.toml to specify simple-slab version '>=0.3.3'. 2. Run 'cargo update' to fetch the patched version. 3. Rebuild and redeploy your application. 4. Restart any running services using the updated application.

🔧 Temporary Workarounds

Remove simple-slab dependency

all

Replace simple-slab with alternative memory management solutions in your Rust codebase.

cargo remove simple-slab
Manually replace simple-slab usage with alternative crates

🧯 If You Can't Patch

Isolate affected applications in containers or VMs with strict memory limits
Implement network segmentation to limit access to vulnerable services

🔍 How to Verify

Check if Vulnerable:

Check Cargo.lock or run 'cargo tree | grep simple-slab' to see if version <0.3.3 is present.

Check Version:

grep simple-slab Cargo.lock | head -1

Verify Fix Applied:

Verify Cargo.lock shows simple-slab version 0.3.3 or higher, and run application tests to ensure functionality.

📡 Detection & Monitoring

Log Indicators:

Application crashes with segmentation faults
Unexpected memory access errors in Rust panic messages

Network Indicators:

Unusual patterns of requests to endpoints using simple-slab functionality

SIEM Query:

source="application_logs" AND ("segmentation fault" OR "out of bounds" OR "index out of range")

📊 Metadata

CVE ID: CVE-2020-35892

CVSS v3 Score: 9.1 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE: CWE-125

Published: December 31, 2020

Last Updated: November 21, 2024

🔗 References

https://rustsec.org/advisories/RUSTSEC-2020-0039.html Third Party Advisory
https://rustsec.org/advisories/RUSTSEC-2020-0039.html Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-35892, you might also want to check these: