rustc has a business logic flaw. The vulnerability exists due to the iterator_get_unchecked()
more than once for the same index when the underlying iterator panics (in certain conditions). This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait.
github.com/rust-lang/rust/issues/81740
github.com/rust-lang/rust/pull/81741
lists.fedoraproject.org/archives/list/[email protected]/message/CZ337CM4GFJLRDFVQCGC7J25V65JXOG5/
lists.fedoraproject.org/archives/list/[email protected]/message/TFUO3URYCO73D2Q4WYJBWAMJWGGVXQO4/
lists.fedoraproject.org/archives/list/[email protected]/message/VZG65GUW6Z2CYOQHF7T3TB5CZKIX6ZJE/
security-tracker.debian.org/tracker/CVE-2021-28876