How MutexGuard Was Sync When It Should Not Have Been (ralfj.de)
78 points by Rusky on June 11, 2017 | hide | past | favorite | 8 comments



Such things can become a vulnerability when Rust becomes popular enough ;)


Remember that, for these soundness issues to result in vulnerabilities, they (1) have to be accidentally relied upon in code (2) that can be controlled by attackers (3) in a way that results in a vulnerability (use after free with attacker controlled heap, etc).

It's worth comparing to other languages. There are known ways to segfault PHP and most other scripting languages, but those bugs aren't considered security problems unless they meet all three criteria above. In Go, there are even known ways to get use-after-free without using the unsafe package that won't be fixed by design. That doesn't stop security experts from recommending the language, because, again, any such UAFs are not likely to meet all these criteria.

Now in Rust we prioritize soundness issues highly, because we want safe code to actually be safe. We have high standards for ourselves--our standard is almost as high as that of runtimes that are intended to execute hostile code, such as JavaScript engines. Unlike with JS engines, though, fixes to soundness issues around the edges of Rust are probably not going to have much of a practical security impact. (The probability of these correctness issues having security implications is not zero, to be sure, but it's small.) Finding and fixing these problems mostly serves to keep us honest.


> It's worth comparing to other languages. There are known ways to segfault PHP and most other scripting languages, but those bugs aren't considered security problems unless they meet all three criteria above.

With Python it's ok to execute arbitrary code if the bytecode fed to the interpreter is not sound (so be careful when generating bytecode). Ditto for formats like marshal and pickle.

Projects have differing standards...


I'm interested in the use-after-free scenario in Go. Do you have any sources?


See Russ Cox's (Go core team) blog post about Go's memory safety & data races: https://research.swtch.com/gorace


Totally. There are multiple known soundness issues with Rust already. Still, the language is definitely miles ahead when it comes to safety (within its niche).


Yeah, the remarkable thing about this (for me) is that this particular case isn't actually a language soundness flaw, demonstrating that the general approach Rust takes is a useful one. The author puts it nicely on the /r/rust thread [1].

[1]: https://www.reddit.com/r/rust/comments/6gavfe/how_mutexguard...
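To make the "library bug, not language flaw" point concrete, here is an added example (mine, not code from the linked post, the Rust project, or anyone in this thread) that checks the invariant the fixed `std::sync::MutexGuard` now upholds: the guard is `Sync` only when the protected `T` is `Sync`. It uses the autoref-specialization trick to turn the `Sync` bound into a runtime boolean at a monomorphic call site, then shares a guard over a `Sync` payload between scoped threads; the `Probe` type, the `is_sync!` macro and the constructed `Vec` payload are all my own, not anything from std.

```rust
// Added example: probe whether a type is Sync, and show the MutexGuard
// invariant after the fix discussed in the thread. Not part of std or the post.
use std::cell::Cell;
use std::marker::PhantomData;
use std::sync::{Mutex, MutexGuard};

/// Zero-sized carrier for the type under test (constructed for this example).
pub struct Probe<T: ?Sized>(PhantomData<T>);

/// Picked by method resolution at the by-value step (receiver `&Probe<T>`)
/// only when the impl's bound `T: Sync` is satisfied.
pub trait ViaSync {
    fn is_sync(&self) -> bool;
}
impl<T: ?Sized + Sync> ViaSync for Probe<T> {
    fn is_sync(&self) -> bool {
        true
    }
}

/// Fallback found one autoref step later (receiver `&&Probe<T>`) when the
/// bound above does not hold, i.e. when `T` is not Sync.
pub trait Fallback {
    fn is_sync(&self) -> bool;
}
impl<T: ?Sized> Fallback for &Probe<T> {
    fn is_sync(&self) -> bool {
        false
    }
}

/// Must be a macro: the trick only works where the concrete type is known,
/// not inside a generic fn whose `T: Sync` cannot be proved at definition.
macro_rules! is_sync {
    ($t:ty) => {{
        let probe: Probe<$t> = Probe(PhantomData);
        (&probe).is_sync()
    }};
}

/// A guard over a `!Sync` payload must not be Sync, otherwise `&guard`
/// could cross threads and hand out `&Cell<i32>` to two threads at once.
pub fn guard_over_cell_is_sync() -> bool {
    is_sync!(MutexGuard<'static, Cell<i32>>)
}

/// A guard over a Sync payload is fine to share by reference.
pub fn guard_over_i32_is_sync() -> bool {
    is_sync!(MutexGuard<'static, i32>)
}

/// Sharing `&MutexGuard<Vec<i32>>` across scoped threads compiles because
/// `MutexGuard<Vec<i32>>: Sync`. Replacing `Vec<i32>` with `Cell<i32>` here
/// is rejected by the compiler, which is exactly the fixed behaviour.
pub fn sum_shared_guard() -> i32 {
    let m = Mutex::new(vec![1, 2, 3]); // constructed sample payload
    let guard: MutexGuard<'_, Vec<i32>> = m.lock().unwrap();
    std::thread::scope(|s| {
        let total = s.spawn(|| guard.iter().sum::<i32>());
        let count = s.spawn(|| guard.len() as i32);
        total.join().unwrap() + count.join().unwrap()
    })
}

fn main() {
    println!("MutexGuard<Cell<i32>> is Sync: {}", guard_over_cell_is_sync());
    println!("MutexGuard<i32> is Sync: {}", guard_over_i32_is_sync());
    println!("sum + len over a shared guard: {}", sum_shared_guard());
}
```

The probe reports `false` for the `Cell` guard and `true` for the `i32` guard on a current toolchain, which is the whole fix: one `T: Sync` bound on an `unsafe impl Sync` in the library, no change to the language or the borrow checker.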



