CVE-2018-1000657

Name of the Vulnerable Software and Affected Versions Rust standard library versions Commit bfa0e1f58acf1c28d500c34ed258f09ae021893e through Commit fdfafb510b1a38f727e920dccbeeb638d39a8e60 Rust standard library version 1.3.0 through 1.22.0

Description The issue is related to a Buffer Overflow vulnerability in the std::collections::vec deque::VecDeque::reserve() function, which can result in Arbitrary code execution. No proof-of-concept exploit is currently published.

Recommendations For versions Commit bfa0e1f58acf1c28d500c34ed258f09ae021893e through Commit fdfafb510b1a38f727e920dccbeeb638d39a8e60, update to a version after Commit fdfafb510b1a38f727e920dccbeeb638d39a8e60. For version 1.3.0 through 1.22.0, update to version 1.22.0 or later. As a temporary workaround, consider disabling the std::collections::vec deque::VecDeque::reserve() function until a patch is available.