PT-2021-16831 · Smallvec+1 · Smallvec+1

Qwaz

Published

2021-01-08

Updated

2022-05-24

CVE-2021-25900

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions smallvec versions 0.6.13 and earlier smallvec versions 1.x prior to 1.6.1

Description A heap-based buffer overflow issue exists due to a bug in the SmallVec::insert many method. This method allocated a buffer that was smaller than needed and then wrote past the end of the buffer, causing a buffer overflow and memory corruption on the heap. The bug was triggered when the iterator passed to insert many yielded more items than the lower bound returned from its size hint method.

Recommendations For smallvec versions 0.6.13 and earlier, update to version 0.6.14 or later. For smallvec versions 1.x prior to 1.6.1, update to version 1.6.1 or later. As a temporary workaround, consider restricting the use of the SmallVec::insert many method until a patch is available.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2021-25900

GHSA-43W2-9J62-HQ99

MGASA-2021-0234

OPENSUSE-SU-2021:0634-1

OPENSUSE-SU-2021_0634-1

OPENSUSE-SU-2024:11593-1

RUSTSEC-2021-0003

SUSE-SU-2021:1408-1

SUSE-SU-2021_1408-1

Affected Products

Suse

Smallvec

PT-2021-16831 · Smallvec+1 · Smallvec+1

CVE-2021-25900

Weakness Enumeration

Related Identifiers

Affected Products

References · 24