GHSA-rxr4-x558-x7hw
Suggest an improvement- Source
- https://github.com/advisories/GHSA-rxr4-x558-x7hw
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-rxr4-x558-x7hw/GHSA-rxr4-x558-x7hw.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-rxr4-x558-x7hw
- Aliases
- Published
- 2021-08-25T20:42:54Z
- Modified
- 2023-11-08T04:00:13.368337Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- Double free in smallvec
- Details
-
If an iterator passed to SmallVec::insert_many panicked in Iterator::next, destructors were run during unwinding while the vector was in an inconsistent state, possibly causing a double free (a destructor running on two copies of the same value).
This is fixed in smallvec 0.6.3 by ensuring that the vector's length is not updated to include moved items until they have been removed from their original positions. Items may now be leaked if Iterator::next panics, but they will not be dropped more than once.
- Database specific
{ "nvd_published_at": null, "cwe_ids": [ "CWE-415" ], "severity": "CRITICAL", "github_reviewed": true, "github_reviewed_at": "2021-08-19T21:25:34Z" }- References
Affected packages
crates.io / smallvec
Package
- Name
- smallvec
- View open source insights on deps.dev
- Purl
- pkg:cargo/smallvec