PT-2021-16838 · Unknown · Containers

Published: 2021-01-12 · Updated: 2021-08-25 · CVE-2021-25907

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

containers crate versions prior to 0.9.11

Description

An issue in the containers crate for Rust can cause a double drop of an object when a panic occurs in a user-provided function f, specifically in fn mutate() and fn mutate2(). This happens because affected versions of the crate did not guard against double drop while temporarily duplicating an object's ownership with ptr::read(). Dropping the same object twice can result in memory corruption.

Recommendations

For versions prior to 0.9.11, update to version 0.9.11, which fixes the issue by aborting upon panic, thus preventing the double drop and potential memory corruption.
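
The pattern behind this advisory, sketched as an added example that is not the containers crate's own code: an unguarded ptr::read()-based mutate beside a form that aborts if the user function panics. The function signatures and the names AbortOnUnwind, mutate_unguarded, mutate_guarded and Tracked are assumptions made for illustration.

```rust
use std::{cell::Cell, mem, process, ptr, rc::Rc};

// Hypothetical helper: dropped only when a panic unwinds through the frame
// that owns it, at which point it aborts the process.
struct AbortOnUnwind;
impl Drop for AbortOnUnwind {
    fn drop(&mut self) {
        process::abort();
    }
}

// Unsound pattern from the description, for contrast (never called here): if
// `f` panics, the duplicated value is dropped and the caller drops `*slot` again.
#[allow(dead_code)]
fn mutate_unguarded<T, F: FnOnce(T) -> T>(slot: &mut T, f: F) {
    unsafe {
        let old = ptr::read(slot);
        ptr::write(slot, f(old));
    }
}

// Guarded form: between ptr::read() and ptr::write() two owners of the same
// object exist, so a panic in `f` must not unwind past this frame.
fn mutate_guarded<T, F: FnOnce(T) -> T>(slot: &mut T, f: F) {
    let guard = AbortOnUnwind;
    unsafe {
        let old = ptr::read(slot);
        ptr::write(slot, f(old));
    }
    mem::forget(guard); // normal return: disarm the guard without running drop()
}

// Constructed sample type that counts how many times its instances are dropped.
struct Tracked {
    id: u32,
    drops: Rc<Cell<u32>>,
}
impl Drop for Tracked {
    fn drop(&mut self) {
        self.drops.set(self.drops.get() + 1);
    }
}

fn main() {
    let drops = Rc::new(Cell::new(0));
    let mut slot = Tracked { id: 1, drops: drops.clone() };
    mutate_guarded(&mut slot, |old| Tracked { id: old.id + 1, drops: old.drops.clone() });
    println!("id={} drops={}", slot.id, drops.get());
}
```

On the non-panicking path the old value is dropped exactly once, inside the closure, and the slot holds the replacement; on a panic the guard aborts before any caller can drop the slot a second time.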

Exploit

Fix

Double Free


Weakness Enumeration

Related Identifiers

CVE-2021-25907
GHSA-CV7X-6RC6-PQ5V
RUSTSEC-2021-0010

Affected Products

Containers