8 matches found
CVE-2021-29938
An issue was discovered in the slice-deque crate through 2021-02-19 for Rust. A double drop can occur in SliceDeque::drainfilter upon a panic in a predicate function...
Double free in slice-deque
An issue was discovered in the slice-deque crate through 2021-02-19 for Rust. A double drop can occur in SliceDeque::drainfilter upon a panic in a predicate function...
RUSTSEC-2021-0047 SliceDeque::drain_filter can double drop an element if the predicate panics
Affected versions of the crate incremented the current index of the drain filter iterator before calling the predicate function self.pred. If the predicate function panics, it is possible for the last element in the iterator to be dropped twice...
SliceDeque::drain_filter can double drop an element if the predicate panics
Affected versions of the crate incremented the current index of the drain filter iterator before calling the predicate function self.pred. If the predicate function panics, it is possible for the last element in the iterator to be dropped twice...
RUSTSEC-2019-0002 Bug in SliceDeque::move_head_unchecked corrupts its memory
Affected versions of this crate entered a corrupted state if mem::sizeof:: % allocationgranularity != 0 and a specific allocation pattern was used: sufficiently shifting the deque elements over the mirrored page boundary. This allows an attacker that controls controls both element insertion and...
Bug in SliceDeque::move_head_unchecked corrupts its memory
Affected versions of this crate entered a corrupted state if mem::sizeof:: % allocationgranularity != 0 and a specific allocation pattern was used: sufficiently shifting the deque elements over the mirrored page boundary. This allows an attacker that controls controls both element insertion and...
RUSTSEC-2018-0008 Bug in SliceDeque::move_head_unchecked allows read of corrupted memory
Affected versions of this crate did not properly update the head and tail of the deque when inserting and removing elements from the front if, before insertion or removal, the tail of the deque was in the mirrored memory region, and if, after insertion or removal, the head of the deque is exactly...
Bug in SliceDeque::move_head_unchecked allows read of corrupted memory
Affected versions of this crate did not properly update the head and tail of the deque when inserting and removing elements from the front if, before insertion or removal, the tail of the deque was in the mirrored memory region, and if, after insertion or removal, the head of the deque is exactly...