CVE-2018-1000657

Buffer overflow vulnerability in VecDeque::reserve()

Reported

August 20, 2018

Issued

October 1, 2020

Package

std

Type

Vulnerability

Categories

code-execution
denial-of-service

References

https://github.com/rust-lang/rust/issues/44800

Patched

>=1.22.0

Unaffected

<1.3.0

Affected Functions

Version

std::collections::vec_deque::VecDeque::reserve

<1.22.0, >=1.3.0

Description

The std::collections::vec_deque::VecDeque::reserve() function contains a buffer overflow vulnerability that can potentially result in arbitrary code execution.

Advisory available under CC0-1.0 license.