{"id":"RUSTSEC-2025-0042","summary":"Uninitialized read after allocating MemBump","details":"The affected function, `MemBump::new()`, would allocate memory without\ninitializing it. Subsequently calling the created value's various `alloc`\nmethods would then read and write the start of that memory as a `Cell` which is\nundefined behavior. Instead, it should zero initialize the start of the\nallocated memory.\n\nFor instance, some values could violate the internal invariants of the type and\ncause an assertion failure. Nevertheless, no deterministic read is known to\ncause further uninitialized memory to be exposed.\n\nAffected downstream users that can not upgrade are advised to call\n`MemBump::reset` immediately after allocation to manually perform the missing\nwrite of the counter best-as-possible.\n\nThe flaw was corrected in commit d8d6a7d096d3aaafd963b356a8f1bbd8d26fd967 by\nzeroing the Cell at the start of the allocated memory.","aliases":["GHSA-xrrq-rrgq-h89w"],"modified":"2025-10-28T06:29:27.107480Z","published":"2025-07-11T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/static-alloc"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2025-0042.html"},{"type":"REPORT","url":"https://github.com/197g/static-alloc/issues/81"}],"affected":[{"package":{"name":"static-alloc","ecosystem":"crates.io","purl":"pkg:cargo/static-alloc"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.2.2-0"},{"fixed":"0.2.6"}]}],"ecosystem_specific":{"affected_functions":null,"affects":{"functions":["static_alloc::unsync::MemBump::new"],"arch":[],"os":[]}},"database_specific":{"source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2025-0042.json","cvss":null,"informational":"unsound","categories":["memory-exposure","memory-corruption"]}}],"schema_version":"1.7.3"}