PT-2021-18554 · Unknown · Reorder Crate

Tiby312 · Published 2021-02-24 · Updated 2021-08-25 · CVE-2021-29941

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: reorder crate through 2021-02-24 for Rust

Description: An issue was discovered in the reorder crate where the `swap_index` function can have an out-of-bounds write if an iterator returns a `len()` that is too small. The `swap_index` function takes an iterator and swaps the items with their corresponding indexes, reserving capacity and setting the length of the vector based on the `len()` method of the iterator. If the `len()` returned by the iterator is larger than the actual number of elements yielded, then `swap_index` creates a vector containing uninitialized members. If the `len()` returned by the iterator is smaller than the actual number of members yielded, then `swap_index` can write out of bounds past its allocated vector.

Recommendations: For versions prior to 1.1.0, update the reorder crate to version 1.1.0, which marks the `swap_index` function as unsafe. As a temporary workaround, consider avoiding the use of the `swap_index` function until the issue is resolved.
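For callers who need the same operation without relying on `len()`, the following added example (not code from the reorder crate or this advisory) shows a checked variant that sizes its output from the items actually yielded. The names `checked_swap_index`, `SwapError` and `LyingLen` are hypothetical, the `out[item] = position` semantics are an assumption based on the description above, and the range and duplicate checks go beyond the length mismatch the advisory describes.

```rust
/// Constructed test iterator: yields all of `items` but reports `claimed` from len().
/// Safe code can implement ExactSizeIterator like this, so len() is only a hint.
struct LyingLen { items: std::vec::IntoIter<usize>, claimed: usize }

impl Iterator for LyingLen {
    type Item = usize;
    fn next(&mut self) -> Option<usize> { self.items.next() }
}
impl ExactSizeIterator for LyingLen {
    fn len(&self) -> usize { self.claimed }
}

#[derive(Debug, PartialEq)]
enum SwapError {
    LenMismatch { claimed: usize, yielded: usize },
    OutOfRange { value: usize, len: usize },
    Duplicate(usize),
}

/// Writes each item's position into the slot named by the item (out[item] = position).
fn checked_swap_index<I: ExactSizeIterator<Item = usize>>(it: I) -> Result<Vec<usize>, SwapError> {
    let claimed = it.len();
    // Size the output from what was actually yielded, never from len().
    let items: Vec<usize> = it.collect();
    let len = items.len();
    if len != claimed {
        return Err(SwapError::LenMismatch { claimed, yielded: len });
    }
    let mut out: Vec<Option<usize>> = vec![None; len];
    for (pos, &value) in items.iter().enumerate() {
        // get_mut bounds-checks the write, so a bad value is an error, not memory corruption.
        let slot = out.get_mut(value).ok_or(SwapError::OutOfRange { value, len })?;
        if slot.replace(pos).is_some() {
            return Err(SwapError::Duplicate(value));
        }
    }
    // len in-range, distinct values fill all len slots, so no slot is left unset.
    Ok(out.into_iter().flatten().collect())
}

fn main() {
    let honest = LyingLen { items: vec![2, 0, 1].into_iter(), claimed: 3 };
    println!("{:?}", checked_swap_index(honest));
    let short = LyingLen { items: vec![2, 0, 1].into_iter(), claimed: 1 };
    println!("{:?}", checked_swap_index(short));
}
```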

Memory Corruption

Weakness Enumeration

Related Identifiers

CVE-2021-29941
GHSA-3H87-V52R-P9RG
GHSA-JPWG-6GF5-5VH9
RUSTSEC-2021-0050

Affected Products

Reorder Crate