CVE-2021-29938

HIGH7.5EPSS 0.39%

SliceDeque::drain_filter can double drop an element if the predicate panics

Published: 8/25/2021Modified: 11/8/2023

Also known as:GHSA-p9gf-gmfv-398mRUSTSEC-2021-0047

Description

Affected versions of the crate incremented the current index of the drain filter iterator *before* calling the predicate function `self.pred`. If the predicate function panics, it is possible for the last element in the iterator to be dropped twice.

Affected packages (2)

crates.io/slice-dequefrom 0, <= 0.3.0
crates.io/slice-deque>= 0.0.0-0

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References (5)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2021-29938
PATCHhttps://crates.io/crates/slice-deque
PATCHhttps://github.com/gnzlbg/slice_deque
WEBhttps://github.com/gnzlbg/slice_deque/issues/90
WEBhttps://rustsec.org/advisories/RUSTSEC-2021-0047.html