rust-slice-deque is vulnerable to CVE-2021-29938

  • Open
Details
2 participants
  • Léo Le Bouter
  • Maxim Cournoyer
Owner
unassigned
Submitted by
Léo Le Bouter
Severity
normal
Léo Le Bouter wrote on 1 Apr 2021 16:08
(address . bug-guix@gnu.org)
3e2016e62239d2039e48c945a6b6a982c09e3f5f.camel@zaclys.net
CVE-2021-29938 07:15
An issue was discovered in the slice-deque crate through 2021-02-19 for
Rust. A double drop can occur in SliceDeque::drain_filter upon a panic
in a predicate function.


I suggest we wait for merge then update our package.


Léo Le Bouter wrote on 1 Apr 2021 16:09
(address . control@debbugs.gnu.org)
455f913579bf510bb21c651880a53dda55c7be9e.camel@zaclys.net
tags 47544 + security
quit


Maxim Cournoyer wrote on 23 Mar 2022 03:39
(name . Léo Le Bouter)(address . lle-bout@zaclys.net)(address . 47544@debbugs.gnu.org)
87v8w5z92o.fsf@gmail.com
Hello,

Léo Le Bouter <lle-bout@zaclys.net> writes:

> CVE-2021-29938 07:15
> An issue was discovered in the slice-deque crate through 2021-02-19 for
> Rust. A double drop can occur in SliceDeque::drain_filter upon a panic
> in a predicate function.
>
> Upstream PR: https://github.com/gnzlbg/slice_deque/pull/91

The project appears unmaintained [0].


It's used by a couple other packages (how many? hard to tell, this
being Rust in Guix).

Thanks,

Maxim
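
The bug class named in the CVE text (a double drop when a drain_filter predicate panics), shown as an added example that is not code from this thread, from slice_deque, or from the upstream PR. `drain_filter_safe`, `Guard` and `Tracked` are hypothetical names; the sketch works on a plain `Vec` and uses a drop guard so that every element is owned by exactly one container when the predicate unwinds, with a constructed drop-counting scenario to check it.

```rust
use std::{cell::RefCell, panic, ptr, rc::Rc};

// Drop counter: a double drop would show up as a count of 2 for that id.
struct Tracked(usize, Rc<RefCell<Vec<usize>>>);
impl Drop for Tracked { fn drop(&mut self) { self.1.borrow_mut()[self.0] += 1; } }

// Runs on normal exit and on unwind: closes the gap and restores the length.
struct Guard<'a, T> { v: &'a mut Vec<T>, read: usize, write: usize, len: usize }
impl<T> Drop for Guard<'_, T> {
    fn drop(&mut self) {
        let (p, tail) = (self.v.as_mut_ptr(), self.len - self.read);
        unsafe { ptr::copy(p.add(self.read), p.add(self.write), tail) };
        unsafe { self.v.set_len(self.write + tail) };
    }
}

// Hypothetical panic-safe filter-drain over a Vec (assumption, not slice_deque's code).
fn drain_filter_safe<T>(v: &mut Vec<T>, mut pred: impl FnMut(&mut T) -> bool) -> Vec<T> {
    let len = v.len();
    unsafe { v.set_len(0) }; // the Vec owns nothing while the guard is live
    let mut g = Guard { v, read: 0, write: 0, len };
    let mut out = Vec::new();
    while g.read < g.len {
        unsafe {
            let p = g.v.as_mut_ptr();
            let cur = p.add(g.read);
            let remove = pred(&mut *cur); // may panic: cur is still in the unread tail
            g.read += 1; // from here on the guard no longer counts cur as unread
            if remove {
                out.push(ptr::read(cur)); // ownership moves to `out`
            } else {
                ptr::copy(cur, p.add(g.write), 1); // keep: shift down over the gap
                g.write += 1;
            }
        }
    }
    out
}

// Constructed scenario: the predicate removes even ids and panics on id 3.
fn drop_counts_after_panic() -> (bool, Vec<usize>) {
    let counts = Rc::new(RefCell::new(vec![0; 6]));
    let mut v: Vec<Tracked> = (0..6).map(|i| Tracked(i, counts.clone())).collect();
    let panicked = panic::catch_unwind(panic::AssertUnwindSafe(|| {
        drain_filter_safe(&mut v, |t| { assert!(t.0 != 3, "predicate panic"); t.0 % 2 == 0 })
    })).is_err();
    drop(v);
    (panicked, counts.take())
}

fn main() { println!("{:?}", drop_counts_after_panic()); }
```

The same drop-counting check can be pointed at any drain or retain style API by substituting the function under test for `drain_filter_safe`.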