CVE-2024-4435

Name of the Vulnerable Software and Affected Versions stable-structures versions prior to 0.6.4

Description When storing unbounded types in a BTreeMap, a node is represented as a linked list of "memory chunks". It was discovered that when a node is deallocated, in some cases only the first memory chunk is deallocated, and the rest of the memory chunks remain allocated, causing a memory leak. An adversary could interact with the canister through its API and trigger interactions with the map that keep consuming memory due to the memory leak, potentially leading to excessive memory use or running out of memory.

Recommendations For versions prior to 0.6.4, upgrade to version 0.6.4 to ensure all of a node's memory chunks are deallocated when a node is deallocated. Users who are not storing unbounded types in BTreeMap are not affected and do not need to upgrade.