advisory-db/crates/ruint/RUSTSEC-2025-0137.md
2025-12-27 03:04:54 +00:00

```toml
[advisory]
id = "RUSTSEC-2025-0137"
package = "ruint"
date = "2025-12-22"
url = "https://github.com/recmo/uint/issues/550"
categories = ["memory-corruption"]
keywords = ["soundness", "out-of-bounds"]
aliases = ["GHSA-9fjq-45qv-pcm7"]

[affected.functions]
"ruint::algorithms::div::reciprocal_mg10" = ["< 1.17.0"]

[versions]
patched = []
```

# Unsoundness of safe `reciprocal_mg10`

The function `reciprocal_mg10` is marked as safe but can trigger undefined behavior (out-of-bounds access) because it relies on `debug_assert!` for safety checks instead of `assert!`.

When compiled in release mode, the `debug_assert!` is optimized out, so the check no longer runs and invalid inputs can cause memory corruption.
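
The pattern described above, next to two sound alternatives, as an added example (this is not ruint's code). The table, the function names and the precondition `d >= 1 << 63` are assumptions made for illustration.

```rust
use std::panic;

// Constructed 256-entry table; the values are illustrative only.
static TABLE: [u16; 256] = {
    let mut t = [0u16; 256];
    let mut i = 0;
    while i < 256 {
        t[i] = i as u16 * 3 + 1;
        i += 1;
    }
    t
};

/// Assumed precondition for this sketch: the top bit of `d` is set.
const MIN_D: u64 = 1 << 63;

/// Unsound: safe signature, but the only guard is compiled out when
/// debug assertions are off, leaving an unchecked index on any `d`.
pub fn lookup_unsound(d: u64) -> u16 {
    debug_assert!(d >= MIN_D);
    let idx = ((d >> 55) as usize).wrapping_sub(256);
    unsafe { *TABLE.get_unchecked(idx) }
}

/// Sound fix 1: keep the function safe and enforce the check in every profile.
pub fn lookup_checked(d: u64) -> u16 {
    assert!(d >= MIN_D, "d must have its top bit set");
    let idx = (d >> 55) as usize - 256;
    // SAFETY: the assert gives 256 <= d >> 55 <= 511, so idx < 256.
    unsafe { *TABLE.get_unchecked(idx) }
}

/// Sound fix 2: make the contract the caller's job by marking the fn unsafe.
/// # Safety
/// `d >= MIN_D` must hold.
pub unsafe fn lookup_unchecked(d: u64) -> u16 {
    debug_assert!(d >= MIN_D);
    unsafe { *TABLE.get_unchecked((d >> 55) as usize - 256) }
}

/// True if the checked variant panics instead of indexing out of bounds.
pub fn rejects_invalid() -> bool {
    panic::catch_unwind(|| lookup_checked(1)).is_err()
}

fn main() {
    println!("{}", lookup_checked(u64::MAX));
    println!("invalid input rejected: {}", rejects_invalid());
}
```

When auditing a crate for this class of bug, look for safe functions whose `unsafe` blocks are justified only by a `debug_assert!`.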