CVE-2021-31162
📋 TL;DR
CVE-2021-31162 is a double free in the Rust standard library's Vec::from_iter, in the specialization that re-collects a vec::IntoIter into a Vec: if an element's destructor panics while from_iter is dropping elements during the collect, the source allocation is freed once by the unwinding IntoIter and again by the newly built Vec. It affects any binary compiled with a Rust toolchain before 1.52.0 that collects a Vec's IntoIter back into a Vec and holds element types whose Drop implementation can panic. The resulting memory corruption usually ends in a crash; arbitrary code execution would additionally require an attacker to control heap layout, and a panic inside Drop is itself a bug that most code never has.
💻 Affected Systems
- Rust programming language
- Applications built with Rust
📦 What is this software?
Fedora by Fedoraproject
Rust by Rust Lang
⚠️ Risk & Real-World Impact
Worst Case
Memory corruption from the double free; code execution is theoretically possible if an attacker can both trigger the panicking destructor and shape the heap, but no such exploit is public.
Likely Case
Application crash (an abort from the allocator's double-free check, or from the panic itself), giving denial of service and possible loss of in-flight data.
If Mitigated
None for code whose destructors never panic, for code built with panic = "abort" (the panic aborts the process before any second free can happen), or for binaries rebuilt with Rust 1.52.0 or later.
🎯 Exploit Status
Exploitation requires an element type whose Drop implementation panics, and that panic must occur while Vec::from_iter is consuming a vec::IntoIter; because a panicking destructor is already a bug, this condition is rarely reachable by an attacker through ordinary input. A proof of concept is attached to the upstream issue (rust-lang/rust#83618).
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Rust 1.52.0 and later
Vendor Advisory: https://github.com/rust-lang/rust/issues/83618
Restart Required: Yes
Instructions:
1. Update the toolchain to 1.52.0 or later with rustup update stable, or install the fixed distribution package (Fedora and Gentoo shipped updates, see References). If the project pins a toolchain in rust-toolchain or rust-toolchain.toml, raise that pin as well.
2. Rebuild every Rust binary and library. The standard library is linked statically, so the fix only takes effect in artifacts compiled with the new toolchain; updating the toolchain alone changes nothing in deployed binaries.
3. Redeploy the rebuilt artifacts.
4. Restart the services that run them.
🔧 Temporary Workarounds
Avoid panicking destructors in Vec::from_iter
Modify code so that no element type reaching Vec::from_iter has a destructor that can panic. A panic in Drop is a bug in its own right, so fix the destructor where possible; otherwise wrap the element in a type whose Drop runs the inner destructor under std::panic::catch_unwind and records the failure instead of unwinding. Building with panic = "abort" also closes the double free, at the cost of turning the panic into a process abort.
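As an added example (not code from this page or from the Rust project), the workaround above and the trigger described in the TL;DR side by side. Resource is a constructed element type whose destructor panics for one chosen id; NoPanicDrop is a hypothetical wrapper whose Drop runs the inner destructor under catch_unwind and counts failures instead of unwinding. Both variants collect a vec::IntoIter back into a Vec through take(), which goes through the IntoIter -> Vec specialization in from_iter and drops the unkept tail inside the collect. On a toolchain at or above 1.52.0 the unguarded variant only panics (no second free), so this demonstrates the hardening, not the memory corruption.

```rust
use std::panic::{self, AssertUnwindSafe};
use std::sync::atomic::{AtomicUsize, Ordering};
use std::sync::Arc;

/// Constructed stand-in for a value whose cleanup can fail: dropping it
/// panics when `fail_on_release` is set. A panicking destructor reached from
/// Vec::from_iter is the precondition CVE-2021-31162 needs.
pub struct Resource {
    pub id: u32,
    pub fail_on_release: bool,
}

impl Drop for Resource {
    fn drop(&mut self) {
        if self.fail_on_release {
            panic!("release of resource {} failed", self.id);
        }
    }
}

/// Hypothetical wrapper (not part of std) whose destructor never unwinds:
/// the inner value is dropped under catch_unwind and a failure is counted
/// instead of propagating through the collect machinery.
pub struct NoPanicDrop<T> {
    inner: Option<T>,
    failures: Arc<AtomicUsize>,
}

impl<T> NoPanicDrop<T> {
    pub fn new(inner: T, failures: Arc<AtomicUsize>) -> Self {
        Self { inner: Some(inner), failures }
    }

    pub fn get(&self) -> &T {
        self.inner.as_ref().expect("value is present until drop")
    }
}

impl<T> Drop for NoPanicDrop<T> {
    fn drop(&mut self) {
        if let Some(inner) = self.inner.take() {
            // AssertUnwindSafe is sound here: `inner` is consumed either way,
            // so no half-destroyed state is observable afterwards.
            if panic::catch_unwind(AssertUnwindSafe(move || drop(inner))).is_err() {
                self.failures.fetch_add(1, Ordering::SeqCst);
            }
        }
    }
}

/// Builds the sample input; only `failing_id` gets a panicking destructor.
fn make_resources(ids: &[u32], failing_id: u32) -> Vec<Resource> {
    ids.iter().map(|&id| Resource { id, fail_on_release: id == failing_id }).collect()
}

/// Keeps the first `keep` resources. `into_iter().take(keep).collect()` makes
/// from_iter drop the tail of the source buffer; a `failing_id` placed in that
/// tail is the CVE trigger. Returns Err(panic message) when the destructor
/// panic escapes the collect.
pub fn keep_first_unguarded(ids: &[u32], failing_id: u32, keep: usize) -> Result<Vec<u32>, String> {
    let src = make_resources(ids, failing_id);
    panic::catch_unwind(move || {
        let kept: Vec<Resource> = src.into_iter().take(keep).collect();
        kept.iter().map(|r| r.id).collect::<Vec<u32>>()
    })
    .map_err(|payload| {
        payload
            .downcast_ref::<String>()
            .cloned()
            .unwrap_or_else(|| "non-string panic payload".to_string())
    })
}

/// Same operation with every element wrapped in NoPanicDrop. Returns the ids
/// kept and how many releases failed; the collect always completes.
pub fn keep_first_guarded(ids: &[u32], failing_id: u32, keep: usize) -> (Vec<u32>, usize) {
    let failures = Arc::new(AtomicUsize::new(0));
    let src: Vec<NoPanicDrop<Resource>> = make_resources(ids, failing_id)
        .into_iter()
        .map(|r| NoPanicDrop::new(r, Arc::clone(&failures)))
        .collect();
    let kept: Vec<NoPanicDrop<Resource>> = src.into_iter().take(keep).collect();
    let ids: Vec<u32> = kept.iter().map(|w| w.get().id).collect();
    drop(kept); // release the kept elements too before reading the counter
    (ids, failures.load(Ordering::SeqCst))
}

fn main() {
    // Silence the default hook so the expected panic does not clutter stderr.
    panic::set_hook(Box::new(|_| {}));
    println!("unguarded: {:?}", keep_first_unguarded(&[1, 2, 3, 4], 3, 2));
    println!("guarded:   {:?}", keep_first_guarded(&[1, 2, 3, 4], 3, 2));
}
```

The wrapper only helps under the default panic = "unwind"; with panic = "abort" there is nothing to catch and the process aborts at the first failing destructor, which is a clean crash rather than a double free.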
🧯 If You Can't Patch
- Isolate affected Rust applications in containers or VMs with minimal privileges
- Implement monitoring for application crashes and memory corruption indicators
🔍 How to Verify
Check if Vulnerable:
Run 'rustc --version' on every build host; any toolchain below 1.52.0 is affected. For binaries already deployed, the compiler that produced them is recorded in the ELF .comment section and can be read with 'strings <binary> | grep "rustc version"'. Then audit the code for element types whose Drop implementation can panic and that are collected from a vec::IntoIter back into a Vec.
Check Version:
rustc --version
Verify Fix Applied:
Confirm 'rustc --version' reports 1.52.0 or later on every build host, and confirm the deployed binaries themselves embed that version ('strings <binary> | grep "rustc version"') rather than only the toolchain having been updated. Run the application's test suite and, where available, an AddressSanitizer build (RUSTFLAGS=-Zsanitizer=address on nightly) against paths that collect into Vec.
📡 Detection & Monitoring
Log Indicators:
- Application aborts with allocator messages such as 'free(): double free detected in tcache 2' or 'double free or corruption' (glibc), typically preceded by the panic message from the offending destructor
- Double-free reports from AddressSanitizer or Valgrind in test or staging builds
- Panics whose backtrace passes through alloc::vec (Vec::from_iter, IntoIter, collect)
Network Indicators:
- Connection resets or failed health checks when a Rust service aborts
- Increased error rates from Rust-based services
SIEM Query:
Application logs containing 'double free', 'double free or corruption', or panic messages whose backtrace includes alloc::vec (Vec::from_iter, IntoIter, collect)
🔗 References
- https://github.com/rust-lang/rust/issues/83618
- https://github.com/rust-lang/rust/pull/83629
- https://github.com/rust-lang/rust/pull/84603
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CZ337CM4GFJLRDFVQCGC7J25V65JXOG5/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFUO3URYCO73D2Q4WYJBWAMJWGGVXQO4/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZG65GUW6Z2CYOQHF7T3TB5CZKIX6ZJE/
- https://security.gentoo.org/glsa/202210-09