CVE-2021-45705

9.8 CRITICAL

📋 TL;DR

This vulnerability in the nanorand Rust crate before version 0.6.1 allows multiple mutable references to the same object due to improper raw pointer dereferencing in the TlsWyRand Deref implementation. This violates Rust's ownership rules and can lead to data races, memory corruption, or undefined behavior. Any Rust application using vulnerable versions of the nanorand crate is affected.

💻 Affected Systems

Products:
  • Rust applications using nanorand crate
Versions: nanorand crate versions < 0.6.1
Operating Systems: All operating systems running Rust applications
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects applications that use the TlsWyRand type from the nanorand crate.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Memory corruption leading to arbitrary code execution, denial of service, or data integrity compromise.

🟠 Likely Case: Application crashes, data corruption, or unpredictable behavior due to data races and memory safety violations.

🟢 If Mitigated: Limited impact if application doesn't heavily rely on thread-local random number generation or has additional memory safety controls.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires understanding of Rust memory model and ability to trigger data races.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: nanorand 0.6.1 and later

Vendor Advisory: https://rustsec.org/advisories/RUSTSEC-2021-0114.html

Restart Required: Yes

Instructions:

1. Update Cargo.toml to require nanorand >= 0.6.1
2. Run 'cargo update' to fetch the patched version
3. Rebuild and redeploy your application

🔧 Temporary Workarounds

Pin to safe version (all platforms)

Manually specify nanorand version 0.6.1 or later in Cargo.toml, then pin the locked version:

cargo update -p nanorand --precise 0.6.1

🧯 If You Can't Patch

  • Avoid using TlsWyRand type in the nanorand crate
  • Implement additional memory safety checks and bounds validation in application code

🔍 How to Verify

Check if Vulnerable:

Check Cargo.lock for nanorand version < 0.6.1

Check Version:

grep nanorand Cargo.lock

Verify Fix Applied:

Verify Cargo.lock shows nanorand >= 0.6.1
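
A plain grep also matches nanorand where it appears in other packages' dependency lists, so the check above can be scripted per [[package]] entry. The following is an added example, not part of the original advisory or the nanorand project; the function names and the sample lockfile are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag nanorand versions in a Cargo.lock that predate the 0.6.1 fix.

# Print every locked nanorand version below 0.6.1, one per line.
nanorand_vulnerable_versions() {
    awk '
        /^\[\[package\]\]/ { name = ""; next }   # start of a new package entry
        /^name = /         { name = $3; gsub(/"/, "", name); next }
        /^version = / && name == "nanorand" {
            ver = $3; gsub(/"/, "", ver)
            split(ver, part, /[.+-]/)            # major, minor, patch, then any suffix
            major = part[1] + 0; minor = part[2] + 0; patch = part[3] + 0
            if (major == 0 && (minor < 6 || (minor == 6 && patch < 1))) print ver
        }
    ' "$1"
}

# Return 0 when the lockfile is clean, 1 when a vulnerable version is locked.
check_lockfile() {
    found=$(nanorand_vulnerable_versions "$1")
    if [ -n "$found" ]; then
        echo "VULNERABLE: nanorand $found locked in $1 (CVE-2021-45705)" >&2
        return 1
    fi
    echo "OK: no nanorand < 0.6.1 in $1"
}

# Constructed sample lockfile (hypothetical project) for trying the check offline.
write_sample_lock() {
    cat > "$1" <<'EOF'
version = 3

[[package]]
name = "demo-app"
version = "0.1.0"
dependencies = [
 "nanorand",
]

[[package]]
name = "nanorand"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
EOF
}

# Usage: sh check_nanorand.sh path/to/Cargo.lock
if [ "$#" -gt 0 ]; then check_lockfile "$1"; fi
```

The non-zero exit status on a vulnerable lockfile lets the script act as a CI gate; pre-release suffixes are ignored in the comparison.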

📡 Detection & Monitoring

Log Indicators:

  • Application crashes with memory access violations
  • Unexpected behavior in random number generation

Network Indicators:

  • None specific to this vulnerability

SIEM Query:

Application logs containing 'segmentation fault', 'memory access violation', or similar memory error messages
