mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00

Files

djc eadb7bac15 Assigned RUSTSEC-2025-0047 to slab

2025-08-12 11:41:13 +02:00

1.0 KiB

Raw Permalink Blame History

[advisory]
id = "RUSTSEC-2025-0047"
package = "slab"
aliases = ["CVE-2025-55159", "GHSA-qx2v-8332-m4fv"]
date = "2025-08-12"
url = "https://github.com/tokio-rs/slab/security/advisories/GHSA-qx2v-8332-m4fv"
references = ["https://github.com/tokio-rs/slab/pull/152"]
keywords = ["memory-exposure", "bounds-check"]

[versions]
patched = [">= 0.4.11"]
unaffected = ["< 0.4.10"]

[affected.functions]
"slab::Slab::get_disjoint_mut" = ["= 0.4.10"]

Out-of-bounds access in `get_disjoint_mut` due to incorrect bounds check

Impact

The get_disjoint_mut method in slab v0.4.10 incorrectly checked if indices were within the slab's capacity instead of its length, allowing access to uninitialized memory. This could lead to undefined behavior or potential crashes.

Patches

This has been fixed in slab v0.4.11.

Workarounds

Avoid using get_disjoint_mut with indices that might be beyond the slab's actual length, or upgrade to v0.4.11 or later.

References

https://github.com/tokio-rs/slab/pull/152

1.0 KiB Raw Permalink Blame History

Out-of-bounds access in get_disjoint_mut due to incorrect bounds check