binary_vec_io, Memory Corruption, CVE-2025-45721 (High)

The vulnerability, CVE-2025-45721, stems from unsafe memory handling in the `binary_read_to_ref` and `binary_write_from_ref` functions. These functions are designed to read from or write to a sequence of multiple items (n items of type T). They accept a single reference `&T` or `&mut T` but then calculate a total byte length by multiplying the size of `T` by the count n. This calculated length and the original pointer are then passed to `std::slice::from_raw_parts` to create a slice. When n > 1, this operation creates a slice that extends beyond the memory allocation of the original single `T` reference. This out-of-bounds slice is then used for I/O operations, leading to reads from or writes to invalid memory locations, violating Rust’s memory safety guarantees and potentially causing corruption or information disclosure.
Platform: Rust Crate
Version: binary_vec_io
Vulnerability: Memory Corruption
Severity: High
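
The pattern described above, as an added example that is not the crate's source or this page's own code: `read_to_ref_unsound` reproduces the described shape (one reference plus a separate count), and `read_to_slice` is a hardened form that derives the byte length from the destination slice. The function names, the `Pod` marker trait and the sample input are assumptions made for this illustration.

```rust
use std::io::{self, Cursor, Read};
use std::mem::{size_of, size_of_val};
use std::slice;

// Shape of the flaw (hypothetical name, not the crate's source): the caller
// passes ONE `T` plus an independent count `n`. Sound only when n <= 1;
// for n > 1 the byte slice covers memory past `*p`.
#[allow(dead_code)]
unsafe fn read_to_ref_unsound<T>(r: &mut impl Read, p: &mut T, n: usize) -> io::Result<()> {
    let bytes = unsafe { slice::from_raw_parts_mut(p as *mut T as *mut u8, n * size_of::<T>()) };
    r.read_exact(bytes)
}

// Marker for types where every bit pattern is a valid value (assumption of this example).
unsafe trait Pod: Copy {}
unsafe impl Pod for u8 {}
unsafe impl Pod for u32 {}
unsafe impl Pod for u64 {}

// Hardened form: the destination is a slice, so the byte length comes from
// the borrow itself and cannot disagree with a caller-supplied count.
fn read_to_slice<T: Pod>(r: &mut impl Read, dst: &mut [T]) -> io::Result<()> {
    let len = size_of_val(dst);
    // SAFETY: `dst` is a live, exclusive borrow of exactly `len` bytes, and
    // `T: Pod` means any bytes written into it form valid `T` values.
    let bytes = unsafe { slice::from_raw_parts_mut(dst.as_mut_ptr() as *mut u8, len) };
    r.read_exact(bytes)
}

// Constructed sample input: three u32 values in native byte order.
fn demo() -> io::Result<(Vec<u32>, bool)> {
    let input: Vec<u8> = [1u32, 2, 3].iter().flat_map(|v| v.to_ne_bytes()).collect();
    let mut out = vec![0u32; 3];
    read_to_slice(&mut Cursor::new(input.as_slice()), &mut out)?;
    // A destination larger than the input fails with an I/O error instead of touching other memory.
    let mut too_big = vec![0u32; 4];
    let short = read_to_slice(&mut Cursor::new(input.as_slice()), &mut too_big).is_err();
    Ok((out, short))
}

fn main() {
    println!("{:?}", demo());
}
```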

date: 2025-10-22

Prediction: Unpatched (Archived)

What Undercode Say:

`unsafe { from_raw_parts(ptr, n) }`

`cargo audit`

`valgrind --tool=memcheck`

How Exploit:

Craft input with n>1.

Trigger out-of-bounds write/read.

Execute arbitrary code.

Protection from this CVE

Do not use binary_vec_io.

Use maintained alternatives.

Enable rustc sanitizers.

Impact:

Memory corruption.

Information disclosure.

Denial-of-service.

Sources:

Reported By: github.com
Extra Source Hub:
Undercode
