← Back to CVE List

CVE-2020-11105

Published: 2020-03-30T22:15Z
Last Modified: 2024-11-21T04:56Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::shared_ptr values, using the raw pointer address as a unique identifier. This becomes problematic if an std::shared_ptr variable goes out of scope and is freed, and a new std::shared_ptr is allocated at the same address. Serialization fidelity thereby becomes dependent upon memory layout. In short, serialized std::shared_ptr variables cannot always be expected to serialize back into their original values. This can have any number of consequences, depending on the context within which this manifests. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt