PT-2021-16833 · Unknown · Glsl-Layout

Published: 2021-01-10 · Updated: 2021-08-25 · CVE-2021-25902

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

glsl-layout crate versions prior to 0.4.0

Description

An issue was discovered in the glsl-layout crate: a panic inside the user-provided function `f` (the 2nd parameter of `fn map_array`) causes a double drop of a single object. Affected versions did not guard against a panic within `f`. The flaw was corrected by wrapping the vulnerable object in `ManuallyDrop<T>`.

Recommendations

Update to version 0.4.0 or later to resolve the issue. As a temporary workaround, avoid calling `map_array` with user-provided functions that may panic, or ensure that such functions cannot panic.
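The guard named in the description can be sketched as follows. This is an added example, not the glsl-layout crate's own code: the `map_array` signature shown is an assumption, and `Tracked`, `DROPS` and `drops_when_f_panics` are constructed helpers that count drops when `f` panics.

```rust
use std::mem::ManuallyDrop;
use std::panic::{catch_unwind, AssertUnwindSafe};
use std::ptr;
use std::sync::atomic::{AtomicUsize, Ordering};

// Constructed helper type: counts how many times any value is dropped.
static DROPS: AtomicUsize = AtomicUsize::new(0);
pub struct Tracked(pub u32);
impl Drop for Tracked {
    fn drop(&mut self) {
        DROPS.fetch_add(1, Ordering::SeqCst);
    }
}

// Hypothetical stand-in for the advisory's `map_array` (signature assumed):
// maps each element in place through the caller's `f`.
pub fn map_array<T, F: FnMut(T) -> T, const N: usize>(values: [T; N], mut f: F) -> [T; N] {
    // ManuallyDrop disables the array's automatic drop. If `f` panics, the
    // element that was moved out is dropped once by unwinding and the rest
    // leak. Without this wrapper, unwinding would also drop `values`,
    // dropping the moved-out element a second time.
    let mut values = ManuallyDrop::new(values);
    for slot in values.iter_mut() {
        let p: *mut T = slot;
        // SAFETY: `p` is valid and initialized; the value read out is either
        // replaced by `f`'s result or, on panic, never touched again.
        unsafe { ptr::write(p, f(ptr::read(p))) };
    }
    ManuallyDrop::into_inner(values)
}

// Runs `map_array` with a closure that panics on the second element and
// returns how many drops were observed.
pub fn drops_when_f_panics() -> usize {
    DROPS.store(0, Ordering::SeqCst);
    let input = [Tracked(0), Tracked(1), Tracked(2)];
    let result = catch_unwind(AssertUnwindSafe(|| {
        map_array(input, |t| if t.0 == 1 { panic!("constructed failure") } else { t })
    }));
    assert!(result.is_err());
    DROPS.load(Ordering::SeqCst)
}

fn main() {
    println!("drops after panic in f: {}", drops_when_f_panics());
}
```

The trade-off of this guard is a leak of the remaining elements on panic, which is memory-safe, in place of a double drop.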

Exploit

Fix

Double Free


Weakness Enumeration

Related Identifiers

CVE-2021-25902
GHSA-CX4J-FXR7-JXG8
RUSTSEC-2021-0005

Affected Products

Glsl-Layout