CVE-2020-11105: 
NixOS vulnerability analysis and mitigation

An issue was discovered in USC iLab cereal through version 1.3.0, identified as CVE-2020-11105. The vulnerability relates to the caching mechanism of std::shared_ptr values, where the raw pointer address is used as a unique identifier. This vulnerability has been confirmed to affect multiple versions of Aurora MySQL, including versions 3.07.0, 3.06.0, 3.05.2, 3.04.2, 2.12.1, and 2.11.5 (Aurora MySQL).

The vulnerability stems from the software's implementation of caching std::shared_ptr values using the raw pointer as a unique identifier. The issue becomes problematic when a std::shared_ptr variable goes out of scope and is freed, and a new std::shared_ptr is allocated at the same memory address. This creates a situation where serialization fidelity becomes dependent upon memory layout, potentially leading to incorrect data serialization (GitHub Issue).

The vulnerability can result in incorrect data serialization where the deserialized output does not match the original input. For example, when serializing a sequence of true and false values using shared pointers, the deserialized output might incorrectly return all true values due to the memory address reuse issue (GitHub Issue).

The vulnerability has been addressed in various Aurora MySQL versions. Users are recommended to upgrade to patched versions including 3.07.0, 3.06.0, 3.05.2, 3.04.2, 2.12.1, or 2.11.5 which contain the fix for CVE-2020-11105 (Aurora MySQL).