Vulnerability in Rust Standard Library
A vulnerability (CVE-2022-21658) has been identified in the Rust standard library due to a race condition in the std::fs::remove_dir_all() function. If this function is used to delete temporary files in a privileged application, an attacker can achieve the deletion of arbitrary system files and directories that the attacker would not normally have access to delete. The vulnerability is caused by incorrect implementation of checking symbolic links before recursive […]