CVE-2025-55159 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Slab

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents6 sources

Severity

5.1MEDIUMNVD

EPSS

0.0%

top 93.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Tokio-rs Slab Debian Rust-slab Msrc Azl3 Rust 1.75.0-22 ON Azure Linux 3.0 +3 more

Timeline

PublishedAug 11

Latest updateAug 12

Description

slab is a pre-allocated storage for a uniform data type. In version 0.4.10, the get_disjoint_mut method incorrectly checked if indices were within the slab's capacity instead of its length, allowing access to uninitialized memory. This could lead to undefined behavior or potential crashes. This has been fixed in slab 0.4.11. A workaround for this issue involves to avoid using get_disjoint_mut with indices that might be beyond the slab's actual length.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Packages7 packages

▶crates.iotokio-rs/slab0.4.10 — 0.4.11

▶CVEListV5tokio-rs/slab>= 0.4.10, < 0.4.11

▶debiandebian/rust-slab

▶msrcmsrc/azl3_rust_1.90.0-1_on_azure_linux_3.0

▶msrcmsrc/azl3_rust_1.90.0-3_on_azure_linux_3.0

🔴Vulnerability Details

OSV

Out-of-bounds access in `get_disjoint_mut` due to incorrect bounds check↗2025-08-12

▶

GHSA

slab allows out-of-bounds access in `get_disjoint_mut` due to incorrect bounds check↗2025-08-11

▶

OSV

slab allows out-of-bounds access in `get_disjoint_mut` due to incorrect bounds check↗2025-08-11

▶

OSV

CVE-2025-55159: slab is a pre-allocated storage for a uniform data type↗2025-08-11

▶

📋Vendor Advisories

Microsoft

slab allows out-of-bounds access in `get_disjoint_mut` due to incorrect bounds check↗2025-08-12

▶

Red Hat

slab: Slab: Out-of-bounds Memory Access Vulnerability↗2025-08-11

▶

Debian

CVE-2025-55159: rust-slab - slab is a pre-allocated storage for a uniform data type. In version 0.4.10, the ...↗2025

▶