Roypat

#44837 of 53,624
5.7 Total CVSS
Vulnerabilities · 1
PT-2023-21729
5.7
2023-03-24
Unknown · Vmm Sys Util · CVE-2023-28448
**Name of the Vulnerable Software and Affected Versions**

versionize versions 0.1.1 through 0.1.9

**Description**

An issue was discovered in the `Versionize::deserialize` implementation provided by the `versionize` crate for `vmm_sys_util::fam::FamStructWrapper`, which can lead to out-of-bounds memory accesses. The issue was corrected by inserting a check that verifies the lengths of compared flexible arrays are equal and aborts deserialization otherwise.

**Recommendations**

For versionize versions 0.1.1 through 0.1.9, update to version 0.1.10 or later to resolve the issue. As a temporary workaround, consider disabling the `Versionize::deserialize` function for `vmm_sys_util::fam::FamStructWrapper` until a patch is available. Restrict access to the vulnerable `versionize` crate to minimize the risk of exploitation.