Impact
Affected versions of this crate violated alignment when casting byte slices to integer slices, resulting in undefined behavior. rand_core::BlockRng::next_u64 and rand_core::BlockRng::fill_bytes are affected.
Patches
The flaw was corrected by Ralf Jung and Diggory Hardy for rand_core >= 0.4.2.
Workarounds
None.
References
See Rand's changelog.
For more information
If you have any questions or comments about this advisory, open an issue in the Rand repository.
Impact
Affected versions of this crate violated alignment when casting byte slices to integer slices, resulting in undefined behavior.
rand_core::BlockRng::next_u64andrand_core::BlockRng::fill_bytesare affected.Patches
The flaw was corrected by Ralf Jung and Diggory Hardy for
rand_core >= 0.4.2.Workarounds
None.
References
See Rand's changelog.
For more information
If you have any questions or comments about this advisory, open an issue in the Rand repository.