
GHSA-3632-54q8-m96x
Rust vulnerability analysis and mitigation

Overview

The arenavec crate (version <= 0.1.1) contains multiple critical memory corruption vulnerabilities that can be triggered through safe APIs. The vulnerabilities were discovered and reported in August 2025, with an official advisory issued on September 1, 2025. The affected package is a Rust crate that provides arena-based vector implementations (RustSec Advisory).

Technical details

The vulnerabilities manifest in three distinct ways:

1) The arenavec::common::AllocHandle trait allows returning raw pointers through its methods without being marked as unsafe, potentially leading to arbitrary memory access when these pointers are dereferenced in safe APIs like SliceVec::push.

2) The SliceVec::reserve implementation can cause a mismatch between the reported capacity and the actual allocated memory due to incorrect behavior in allocate_inner, resulting in heap buffer overflows.

3) The SliceVec::split_off method can create duplicate ownership of elements that implement the Drop trait, leading to double-free violations when both copies are deallocated (GitHub Issue 4, GitHub Issue 5, GitHub Issue 6).
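As an added illustration (this is not code from the arenavec crate, the advisory, or the linked issues), the following toy arena-backed vector shows the three invariants the advisory describes being violated and what holding them looks like: capacity is taken directly from the backing storage so it cannot diverge from the memory actually available, push refuses to write past that storage instead of trusting a reported capacity, and split_off moves the tail out (lowering the source length before any read) so no element is owned twice. A drop counter verifies that each element is dropped exactly once. All names here (SliceVec, Tracked, exercise_split_off, fill_fixed_buffer) are constructed for this example and do not mirror arenavec's real API.

```rust
use std::cell::Cell;
use std::mem::MaybeUninit;
use std::ptr;

/// Toy arena-backed vector over caller-supplied uninitialised storage.
/// Capacity is the length of the backing slice, so the "reported capacity"
/// can never exceed the memory that actually exists (the mismatch class
/// behind the reserve bug described above).
pub struct SliceVec<'a, T> {
    buf: &'a mut [MaybeUninit<T>],
    len: usize,
}

impl<'a, T> SliceVec<'a, T> {
    pub fn new(buf: &'a mut [MaybeUninit<T>]) -> Self {
        SliceVec { buf, len: 0 }
    }

    pub fn capacity(&self) -> usize {
        self.buf.len()
    }

    pub fn len(&self) -> usize {
        self.len
    }

    /// Bounds-checked push: hands the value back instead of writing past
    /// the backing buffer.
    pub fn push(&mut self, value: T) -> Result<(), T> {
        if self.len == self.buf.len() {
            return Err(value);
        }
        self.buf[self.len].write(value);
        self.len += 1;
        Ok(())
    }

    /// Ownership-preserving split_off: the tail is moved out with ptr::read,
    /// and self.len is lowered *before* the reads so the source can never
    /// drop those elements again (the duplicate-ownership class behind the
    /// double-free described above).
    pub fn split_off(&mut self, at: usize) -> Vec<T> {
        assert!(at <= self.len, "split_off index {} > len {}", at, self.len);
        let old_len = self.len;
        self.len = at;
        let mut tail = Vec::with_capacity(old_len - at);
        for slot in &self.buf[at..old_len] {
            // SAFETY: slots below old_len were initialised by push, and the
            // source no longer considers them live because len was lowered.
            tail.push(unsafe { ptr::read(slot.as_ptr()) });
        }
        tail
    }
}

impl<'a, T> Drop for SliceVec<'a, T> {
    fn drop(&mut self) {
        for slot in &mut self.buf[..self.len] {
            // SAFETY: every slot below len holds an initialised value.
            unsafe { slot.assume_init_drop() };
        }
    }
}

thread_local! {
    // Constructed drop counter used to prove each element drops exactly once.
    static DROPS: Cell<usize> = Cell::new(0);
}

#[allow(dead_code)]
struct Tracked(u32);

impl Drop for Tracked {
    fn drop(&mut self) {
        DROPS.with(|d| d.set(d.get() + 1));
    }
}

/// Pushes four Drop-tracked values, splits at index 2, drops both halves,
/// and returns (drops observed, source len after split, tail len).
/// A sound split_off yields exactly 4 drops for 4 elements.
pub fn exercise_split_off() -> (usize, usize, usize) {
    DROPS.with(|d| d.set(0));
    let mut storage: [MaybeUninit<Tracked>; 4] = std::array::from_fn(|_| MaybeUninit::uninit());
    let mut v = SliceVec::new(&mut storage);
    for i in 0..4 {
        assert!(v.push(Tracked(i)).is_ok());
    }
    let tail = v.split_off(2);
    let (len_after, tail_len) = (v.len(), tail.len());
    drop(tail);
    drop(v);
    (DROPS.with(|d| d.get()), len_after, tail_len)
}

/// Attempts `attempts` pushes into a 3-slot buffer and returns
/// (pushes accepted, capacity); accepted can never exceed capacity.
pub fn fill_fixed_buffer(attempts: usize) -> (usize, usize) {
    let mut storage: [MaybeUninit<u32>; 3] = std::array::from_fn(|_| MaybeUninit::uninit());
    let mut v = SliceVec::new(&mut storage);
    let accepted = (0..attempts).filter(|&i| v.push(i as u32).is_ok()).count();
    (accepted, v.capacity())
}

fn main() {
    println!("split_off (drops, len, tail): {:?}", exercise_split_off());
    println!("fill 5 into 3 slots (accepted, cap): {:?}", fill_fixed_buffer(5));
}
```

The example only needs unsafe for the two operations that are inherently unsafe (reading out of and dropping uninitialised storage), and each site carries a SAFETY comment stating the invariant it relies on; the safe public surface (push, split_off) upholds those invariants itself, which is the property the advisory says arenavec's safe APIs lack.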

Impact

The vulnerabilities can lead to severe memory safety violations including arbitrary memory access, heap buffer overflows, and double-free violations. These issues can result in program crashes, memory corruption, and potential security breaches in applications using the affected versions of the arenavec crate (RustSec Advisory).

Mitigation and workarounds

Currently, there are no patched versions available for these vulnerabilities. Users are advised to avoid using the arenavec crate in its current form, as the issues affect core functionality and can be triggered through safe APIs (RustSec Advisory).

Additional resources

Source: see the RustSec Advisory cited above. This report was generated using AI.

Related Rust vulnerabilities:

CVE ID               | Severity | Score | Technologies | Component name       | CISA KEV exploit | Has fix | Published date
---------------------|----------|-------|--------------|----------------------|------------------|---------|---------------
CVE-2026-22257       | HIGH     | 8.8   | Rust         | salvo                | No               | Yes     | Jan 08, 2026
CVE-2026-22698       | HIGH     | 8.7   | Rust         | sm2                  | No               | No      | Jan 10, 2026
CVE-2026-22699       | HIGH     | 7.5   | Rust         | sm2                  | No               | No      | Jan 10, 2026
GHSA-g59m-gf8j-gjf5  | LOW      | 3.7   | Rust         | aws-sdk-eventbridge  | No               | Yes     | Jan 08, 2026
GHSA-585q-cm62-757j  | LOW      | 2     | Rust         | mnl                  | No               | No      | Jan 09, 2026
