RUSTSEC-2021-0119: 
Rust vulnerability analysis and mitigation

The vulnerability (RUSTSEC-2021-0119/CVE-2021-45707) was discovered in the nix crate versions 0.16.0 and later, affecting versions before 0.20.2, 0.21.x before 0.21.2, and 0.22.x before 0.22.2 for Rust. The issue involves an out-of-bounds write vulnerability in the unistd::getgrouplist function when a user is a member of more than 16 /etc/groups groups (NVD).

The vulnerability stems from a mismatch between the buffer capacity and the ngroups value passed to libc::getgrouplist. When libc::getgrouplist returns -1 (indicating the supplied groups buffer is too short), the code doubles the buffer size but doesn't properly update the ngroups value to reflect the new buffer length. This causes libc to write beyond the allocated memory buffer, potentially leading to segmentation faults, allocator corruption, or undefined behavior (Github Issue). The vulnerability has been assigned a CVSS v3.1 base score of 9.8 (CRITICAL) with vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (NVD).

The vulnerability can result in out-of-bounds memory writes, which may lead to memory corruption, program crashes, or potential arbitrary code execution. The high CVSS score indicates that this vulnerability could potentially be exploited remotely without requiring privileges or user interaction (NVD).

The vulnerability has been fixed in versions 0.20.2, 0.21.2, and 0.22.2 of the nix crate. Users should upgrade to these or later versions to mitigate the vulnerability. The fix involves properly updating the ngroups value to match the buffer capacity in each iteration of the getgrouplist function (NVD).