Lucene search
GoogleOSV:GHSA-3QM2-RFQW-FMRWHistoryMay 24, 2022 - 5:43 p.m.
move_elements can double-free objects on panic
2022-05-2417:43:48
Google
osv.dev
5
0.002 Low
EPSS
Percentile
60.7%
Affected versions of scratchpad used ptr::read to read elements while calling a user provided function f on them. Since the pointer read duplicates ownership, a panic inside the user provided f function could cause a double free when unwinding.
The flaw was fixed in commit 891561bea by removing the unsafe block and using a plain iterator.
| CPE | Name | Operator | Version |
|---|---|---|---|
| scratchpad | lt | 1.3.1 |
Related
cve
cve
CVE-2021-28031
2021-03-05 09:15:14
rustsec
rustsec
move_elements can double-free objects on panic
2021-02-18 12:00:00
prion
prion
Double free
2021-03-05 09:15:00
osv
osv
CVE-2021-28031
2021-03-05 09:15:14
move_elements can double-free objects on panic
2021-02-18 12:00:00
nvd
nvd
CVE-2021-28031
2021-03-05 09:15:14
github
github
move_elements can double-free objects on panic
2022-05-24 17:43:48
cvelist
cvelist
CVE-2021-28031
2021-03-05 08:40:15