VDB
KO

RUSTSEC-2026-0197

`Matrix{2,3,4}::swap_columns` can trigger undefined behavior for identical indices

Details

The `Matrix2::swap_columns`, `Matrix3::swap_columns`, and `Matrix4::swap_columns` implementations call `ptr::swap(&mut self[a], &mut self[b])`.

When `a == b`, these safe APIs create two mutable references to the same matrix column and pass them to `ptr::swap`. This violates Rust's aliasing rules and can trigger undefined behavior. The issue can be reproduced from safe Rust by calling `swap_columns` with identical column indices, for example `m.swap_columns(0, 0)`.

A minimal fix is to return early when the two column indices are equal before calling `ptr::swap`.

Are you affected?

Enter the version of the package you're using.

Affected packages

crates.io / cgmath
Introduced in: 0.0.0-0

No fixed version published yet for cgmath. Pin to a known-safe version or switch to an alternative.

References