mio is vulnerable to Use After Free
58
Medium Risk
On Windows, NamedPipe::connect issues an asynchronous ConnectNamedPipe overlapped operation and only afterwards clones and leaks an Arc reference to the pipe's internal Inner state so the IOCP completion handler can keep it alive. Because the completion can run as soon as the operation is issued, the extra reference may be taken too late and the internal reference count momentarily drops to zero, dropping and freeing Inner while NamedPipe still uses it. This causes a use-after-free and a second drop (double free) when the NamedPipe is later dropped, corrupting memory. The fix clones the Arc before calling the overlapped connect and only forgets that clone when the operation is still pending.
You are affected if you are using a version that falls within the vulnerable range and use mio named pipes on Windows.
mio is vulnerable to Use After Free in versions 0.7.2 - 1.2.0.
Upgrade the mio library to the patch version.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant