{"id":"RUSTSEC-2025-0105","summary":"Uninitialized memory exposure in create_ring_buffer","details":"The safe function `create_ring_buffer` allocates a buffer using `Vec::with_capacity` followed by `set_len`, creating a `Box\u003c[T]\u003e` containing uninitialized memory.\n\nThis leads to undefined behavior when functions like `write_slices` create typed slices (e.g., `&mut [bool]`) over the uninitialized memory, violating Rust's validity invariants. The issue has been confirmed using Miri.\n\nFixed in version 0.2.2 by using `resize_with` to properly initialize the buffer with `T::default()`, adding a `T: Default` bound to ensure sound initialization.","aliases":["GHSA-fp5x-7m4q-449f"],"modified":"2025-10-28T06:29:24.396422Z","published":"2025-10-21T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/direct_ring_buffer"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2025-0105.html"},{"type":"REPORT","url":"https://github.com/ain1084/direct_ring_buffer/issues/1"},{"type":"WEB","url":"https://github.com/ain1084/direct_ring_buffer/pull/2"}],"affected":[{"package":{"name":"direct_ring_buffer","ecosystem":"crates.io","purl":"pkg:cargo/direct_ring_buffer"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0-0"},{"fixed":"0.2.2"}]}],"ecosystem_specific":{"affects":{"os":[],"arch":[],"functions":["direct_ring_buffer::create_ring_buffer"]},"affected_functions":null},"database_specific":{"categories":["memory-exposure"],"informational":"unsound","cvss":null,"source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2025-0105.json"}}],"schema_version":"1.7.3"}