rustsec-2025-0016
Vulnerability from osv_rustsec
Affected versions of this crate didn't provide sufficient lifetime constraints to conversion
functions from alloc::sync::Arc and alloc::rc::Rc, which made it possible to create
projections of these reference counted pointers. Unlike the original reference counted pointers,
these projections could outlive original data's lifetimes.
This projected pointer could cause the original Arc's or Rc's Drop::drop to get called at
a point where the original data was no longer valid, leading to a potential use after free.
The affected functions were
- pared::prc::Prc::from_rc
- pared::prc::Prc::project
- pared::prc::Prc::try_from_rc
- pared::sync::Parc::from_arc
- pared::sync::Parc::project
- pared::sync::Parc::try_from_arc
This flaw was fixed in 108f540ea8acb6073751a1aa386085c1cdc4fd1e
by requiring that the type stored in the Arcs and Rcs passed to these functions contain T: 'static.
{
"affected": [
{
"database_specific": {
"categories": [
"code-execution",
"memory-corruption"
],
"cvss": null,
"informational": null
},
"ecosystem_specific": {
"affected_functions": null,
"affects": {
"arch": [],
"functions": [
"pared::prc::Prc::from_rc",
"pared::prc::Prc::project",
"pared::prc::Prc::try_from_rc",
"pared::sync::Parc::from_arc",
"pared::sync::Parc::project",
"pared::sync::Parc::try_from_arc"
],
"os": []
}
},
"package": {
"ecosystem": "crates.io",
"name": "pared",
"purl": "pkg:cargo/pared"
},
"ranges": [
{
"events": [
{
"introduced": "0.0.0-0"
},
{
"fixed": "0.4.0"
}
],
"type": "SEMVER"
}
],
"versions": []
}
],
"aliases": [
"GHSA-vgmh-mqm4-8j88"
],
"database_specific": {
"license": "CC0-1.0"
},
"details": "Affected versions of this crate didn\u0027t provide sufficient lifetime constraints to conversion\nfunctions from `alloc::sync::Arc` and `alloc::rc::Rc`, which made it possible to create\nprojections of these reference counted pointers. Unlike the original reference counted pointers,\nthese projections could outlive original data\u0027s lifetimes.\n\nThis projected pointer could cause the original `Arc`\u0027s or `Rc`\u0027s `Drop::drop` to get called at\na point where the original data was no longer valid, leading to a potential use after free.\n\nThe affected functions were\n- `pared::prc::Prc::from_rc`\n- `pared::prc::Prc::project`\n- `pared::prc::Prc::try_from_rc`\n- `pared::sync::Parc::from_arc`\n- `pared::sync::Parc::project`\n- `pared::sync::Parc::try_from_arc`\n\nThis flaw was fixed in [108f540ea8acb6073751a1aa386085c1cdc4fd1e](https://github.com/radekvit/pared/commit/108f540ea8acb6073751a1aa386085c1cdc4fd1e)\nby requiring that the type stored in the `Arc`s and `Rc`s passed to these functions contain `T: \u0027static`.",
"id": "RUSTSEC-2025-0016",
"modified": "2025-10-28T06:02:18Z",
"published": "2025-03-13T12:00:00Z",
"references": [
{
"type": "PACKAGE",
"url": "https://crates.io/crates/pared"
},
{
"type": "ADVISORY",
"url": "https://rustsec.org/advisories/RUSTSEC-2025-0016.html"
},
{
"type": "REPORT",
"url": "https://github.com/radekvit/pared/issues/2"
}
],
"related": [],
"severity": [],
"summary": "Use after free in `Parc` and `Prc` due to missing lifetime constraints"
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.