CVE-2025-48754

In the memorypages crate 0.1.0 for Rust, division by zero can occur...

PT-2025-22830 · Anode · Anode

Name of the Vulnerable Software and Affected Versions: anode crate version 0.1.0 Description: The issue concerns data races that can occur in the unlock mechanism of the SpinLock in the anode crate for Rust. Recommendations: For anode crate version 0.1.0, consider disabling the unlock function in...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation in the United States. A security vulnerability exists in Rust that stems from an attempt to allocate memory for zero-size types...

CVE-2025-48755

CVE-2025-48755 affects the spiral-rs crate (Rust) version 0.2.0, where an allocation can be attempted for a zero-sized type (ZST). The root cause, as described in the provided sources, is an allocation operation involving ZSTs within spiral-rs. The CVSSv3.1 metrics from NVD indicate a critical ba...

PT-2025-22831

Name of the Vulnerable Software and Affected Versions memory pages crate version 0.1.0 Description The issue is related to division by zero in the memory pages crate for Rust. Recommendations For memory pages crate version 0.1.0, update to a version that fixes the division by zero issue. At the...

CVE-2025-48755

In the spiral-rs crate 0.2.0 for Rust, allocation can be attempted for a ZST zero-sized type...

CVE-2025-48753

In the anode crate 0.1.0 for Rust, data races can occur in unlock in SpinLock...

CVE-2025-48752

In the process-sync crate 0.2.2 for Rust, the drop function lacks a check for whether the pthreadmutex is unlocked...

CVE-2025-48752

In the process-sync crate 0.2.2 for Rust, the drop function lacks a check for whether the pthreadmutex is unlocked...

CVE-2025-48756

In groupnumber in the scsir crate 0.2.0 for Rust, there can be an overflow because a hardware device may expect a small number of bits e.g., 5 bits for group number...

PT-2025-22832

Name of the Vulnerable Software and Affected Versions spiral-rs crate version 0.2.0 Description The issue concerns the spiral-rs crate for Rust, where allocation can be attempted for a ZST zero-sized type. Recommendations For spiral-rs crate version 0.2.0, consider avoiding allocations for...

CVE-2025-48753

In the anode crate 0.1.0 for Rust, data races can occur in unlock in SpinLock...

CVE-2025-48752

In the Rust process-sync crate, version 0.2.2, the Drop implementation fails to verify whether the pthread_mutex is unlocked. This is the stated root cause of CVE-2025-48752, per multiple connected feeds. The sources do not provide exploit details, affected vectors beyond the mutex unlock check i...

CVE-2025-48754

CVE-2025-48754 affects the memory_pages crate 0.1.0 for Rust, where a division by zero can occur. Public sources corroborate the issue (NVD CVSS 3.1 base score 7.5 HIGH; GHSA/Red Hat entries describe the same division-by-zero problem). The connected documents do not provide a concrete patch versi...

CVE-2025-48751

The processlock crate 0.1.0 for Rust allows data races in unlock...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation in the United States. A security vulnerability exists in Rust that stems from a possible overflow in groupnumber, where a hardware device may expect a small number of bits to be used to represent a group number...

CVE-2025-48754

In the memorypages crate 0.1.0 for Rust, division by zero can occur...

CVE-2025-48753

CVE-2025-48753 affects the anode crate 0.1.0 for Rust. The issue is a data race in SpinLock_UNLOCK, arising from the unlock path, which can lead to concurrent access problems. The NVD CVSSv3.1 vector indicates a CRITICAL impact (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) with network attack vector, hig...

CVE-2025-22620

gitoxide is an implementation of git written in Rust. Prior to 0.17.0, gix-worktree-state specifies 0777 permissions when checking out executable files, intending that the umask will restrict them appropriately. But one of the strategies it uses to set permissions is not subject to the umask. Thi...

CVE-2024-40648

matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. The UserIdentity::isverified method in the matrix-sdk-crypto crate before version 0.7.2 doesn't take into account the verification status of the user's own identity while performing the check and may as a result retur...