mirror of
https://github.com/OMGeeky/advisory-db.git
synced 2026-02-13 21:18:11 +01:00
666 B
666 B
[advisory]
id = "RUSTSEC-2021-0047"
package = "slice-deque"
aliases = ["CVE-2021-29938"]
cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
date = "2021-02-19"
url = "https://github.com/gnzlbg/slice_deque/issues/90"
categories = ["memory-corruption"]
keywords = ["memory-safety", "double-free"]
[versions]
patched = []
SliceDeque::drain_filter can double drop an element if the predicate panics
Affected versions of the crate incremented the current index of the drain filter
iterator before calling the predicate function self.pred.
If the predicate function panics, it is possible for the last element in the iterator to be dropped twice.