{"id":"RUSTSEC-2025-0005","summary":"Out of bounds write triggered by crafted coverage data","details":"Function `grcov::covdir::get_coverage` uses the `unsafe` function `get_unchecked_mut`\nwithout validating that the index is in bounds.\n\nThis results in memory corruption, and could potentially allow arbitrary code execution\nprovided that an attacker can feed the tool crafted coverage data.","aliases":["GHSA-qm2p-4w45-v2vr"],"modified":"2025-10-28T06:29:25.945179Z","published":"2025-01-13T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/grcov"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2025-0005.html"},{"type":"WEB","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1917475"}],"affected":[{"package":{"name":"grcov","ecosystem":"crates.io","purl":"pkg:cargo/grcov"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0-0"},{"fixed":"0.8.21-0"}]}],"ecosystem_specific":{"affects":{"functions":["grcov::covdir::get_coverage"],"os":[],"arch":[]},"affected_functions":null},"database_specific":{"source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2025-0005.json","cvss":null,"informational":null,"categories":["memory-corruption"]}}],"schema_version":"1.7.3"}