{"id":"RUSTSEC-2024-0400","summary":"`ruzstd` uninit and out-of-bounds memory reads","details":"Affected versions of `ruzstd` miscalculate the length of the allocated\nand init section of its internal `RingBuffer`, leading to uninitialized\nor out-of-bounds reads in `copy_bytes_overshooting` of up to 15 bytes.\n\nThis may result in up to 15 bytes of memory contents being written\ninto the decoded data when decompressing a crafted archive.\nThis may occur multiple times per archive.","aliases":["GHSA-x3f4-45xf-rjm7"],"modified":"2025-10-28T06:29:26.723756Z","published":"2024-11-28T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/ruzstd"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2024-0400.html"},{"type":"REPORT","url":"https://github.com/KillingSpark/zstd-rs/issues/75"},{"type":"WEB","url":"https://github.com/KillingSpark/zstd-rs/pull/76"}],"affected":[{"package":{"name":"ruzstd","ecosystem":"crates.io","purl":"pkg:cargo/ruzstd"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.7.0"},{"fixed":"0.7.3"}]}],"ecosystem_specific":{"affects":{"functions":[],"os":[],"arch":[]},"affected_functions":null},"database_specific":{"informational":null,"categories":["memory-exposure"],"source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2024-0400.json","cvss":null}}],"schema_version":"1.7.3"}
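The check a practitioner wants from this record is "does my lockfile pin a ruzstd inside the affected SEMVER range?" The following is an added example, not code from RustSec or the ruzstd project: it encodes the advisory's single range (introduced 0.7.0, fixed 0.7.3, i.e. 0.7.0 <= v < 0.7.3) with semver precedence rules, so that a pre-release such as 0.7.3-rc.1 still counts as affected, and walks a Cargo.lock for every `ruzstd` entry (a lockfile can pin more than one version of a crate). The `SAMPLE_LOCK` excerpt is constructed for the example; the function and type names are the example's own, not an existing tool's API.

```rust
// Added example for RUSTSEC-2024-0400 (not code from RustSec or the ruzstd
// project): flag Cargo.lock entries for ruzstd that fall inside the
// advisory's affected range [0.7.0, 0.7.3).

/// Semver precedence: major, minor, patch, then a release outranks a
/// pre-release of the same core (0.7.3-rc.1 < 0.7.3). Build metadata ("+...")
/// does not take part in precedence. Field order drives the derived `Ord`.
#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)]
pub struct Version {
    pub major: u64,
    pub minor: u64,
    pub patch: u64,
    pub release: bool, // false = carries a pre-release tag, sorts below true
}

pub fn parse_version(s: &str) -> Option<Version> {
    // Drop "+build" metadata, then split off an optional "-pre" tag.
    let no_build = s.split('+').next()?;
    let (core, pre) = match no_build.split_once('-') {
        Some((c, p)) => (c, Some(p)),
        None => (no_build, None),
    };
    let mut parts = core.split('.').map(|p| p.parse::<u64>().ok());
    let major = parts.next()??;
    let minor = parts.next()??;
    let patch = parts.next()??;
    if parts.next().is_some() {
        return None; // a semver core has exactly three components
    }
    Some(Version { major, minor, patch, release: pre.is_none() })
}

/// One OSV SEMVER range: affected when introduced <= v and (no fixed, or v < fixed).
pub struct SemverRange {
    pub introduced: Version,
    pub fixed: Option<Version>,
}

impl SemverRange {
    pub fn contains(&self, v: Version) -> bool {
        v >= self.introduced && self.fixed.map_or(true, |f| v < f)
    }
}

/// The range from this advisory's "affected" entry.
pub fn rustsec_2024_0400() -> SemverRange {
    SemverRange {
        introduced: parse_version("0.7.0").unwrap(),
        fixed: Some(parse_version("0.7.3").unwrap()),
    }
}

/// Minimal Cargo.lock walk: every `[[package]]` table carries `name = "..."`
/// and `version = "..."` lines. Returns the affected version strings pinned
/// for `package`. A version that fails to parse is skipped, not flagged.
pub fn affected_versions(lockfile: &str, package: &str, range: &SemverRange) -> Vec<String> {
    let mut hits = Vec::new();
    let (mut name, mut version): (Option<String>, Option<String>) = (None, None);
    // A sentinel table header at the end flushes the last real table too.
    for raw in lockfile.lines().chain(std::iter::once("[[package]]")) {
        let line = raw.trim();
        if line == "[[package]]" {
            if let (Some(n), Some(v)) = (name.take(), version.take()) {
                if n == package && parse_version(&v).map_or(false, |pv| range.contains(pv)) {
                    hits.push(v);
                }
            }
        } else if let Some(rest) = line.strip_prefix("name = ") {
            name = Some(rest.trim_matches('"').to_string());
        } else if let Some(rest) = line.strip_prefix("version = ") {
            version = Some(rest.trim_matches('"').to_string());
        }
    }
    hits
}

/// Constructed Cargo.lock excerpt for the example (0.6.x and 0.7.x are
/// semver-incompatible, so Cargo can legitimately pin both).
pub const SAMPLE_LOCK: &str = r#"
[[package]]
name = "ruzstd"
version = "0.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"

[[package]]
name = "ruzstd"
version = "0.7.2"
source = "registry+https://github.com/rust-lang/crates.io-index"

[[package]]
name = "zstd"
version = "0.13.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
"#;

fn main() {
    let hits = affected_versions(SAMPLE_LOCK, "ruzstd", &rustsec_2024_0400());
    for v in &hits {
        println!("RUSTSEC-2024-0400: ruzstd {} is affected, upgrade to >= 0.7.3", v);
    }
    if hits.is_empty() {
        println!("no affected ruzstd versions pinned");
    }
}
```

Pre-release ordering matters here: a lockfile pinning `ruzstd 0.7.3-rc.1` would sort below the `fixed` event and is reported, which matches OSV semantics where `fixed` is the first unaffected version. The sample run reports only `0.7.2`; `0.6.0` predates `introduced`.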