Security Bulletin: Cargo in IBM Open SDK for Rust on AIX uses a vulnerable version of thin-vec (CVE-2026-6654)

Summary The cargo package manager in IBM Open SDK for Rust on AIX 1.90.0.1 and 1.92.0.1 uses the thin-vec-0.2.14 crate, which is vulnerable to a double free error. Vulnerability Details CVEID:CVE-2026-6654 DESCRIPTION: Double-Free / Use-After-Free UAF in the IntoIter::drop and ThinVec::clear...

UBUNTU-CVE-2026-6654

Double-Free / Use-After-Free UAF in the IntoIter::drop and ThinVec::clear functions in the thinvec crate. A panic in ptr::dropinplace skips setting the length to zero...

CVE-2026-6654

Double-Free / Use-After-Free UAF in the IntoIter::drop and ThinVec::clear functions in the thinvec crate. A panic in ptr::dropinplace skips setting the length to zero...

thin-vec: Use-After-Free and Double Free in IntoIter::drop When Element Drop Panics

Summary A Double Free / Use-After-Free UAF vulnerability has been identified in the IntoIter::drop and ThinVec::clear implementations of the thinvec crate. Both vulnerabilities share the same root cause and can trigger memory corruption using only safe Rust code — no unsafe blocks required...