PT-2025-32595 · Slab+2

Mox692 · Published 2025-01-01 · Updated 2026-04-07 · CVE-2025-55159

CVSS v4.0: 5.1 (Medium)

Vector: AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: slab versions prior to 0.4.11
Description: slab is a pre-allocated storage for a uniform data type. In version 0.4.10, the get_disjoint_mut function incorrectly checked whether indices were within the slab's capacity instead of its length, potentially allowing access to uninitialized memory. This could lead to undefined behavior or potential crashes.
Recommendations: Update to slab version 0.4.11 or later. Avoid using get_disjoint_mut with indices that might be beyond the slab's actual length.
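
The capacity-versus-length mistake described above, as an added example in safe Rust; this is not code from the slab crate. MiniSlab, KeyError and every method name are hypothetical, and the sketch only models the bounds check, returning two disjoint mutable references after validating against the length.

```rust
// Added illustration: MiniSlab and its methods are hypothetical, not the slab crate's code.
#[derive(Debug, PartialEq)]
pub enum KeyError { OutOfBounds, Overlapping, Vacant }

pub struct MiniSlab { entries: Vec<Option<u32>> }

impl MiniSlab {
    pub fn with_capacity(cap: usize) -> Self {
        MiniSlab { entries: Vec::with_capacity(cap) }
    }
    pub fn insert(&mut self, v: u32) -> usize {
        self.entries.push(Some(v));
        self.entries.len() - 1
    }
    // Flawed bound, as the description puts it: capacity counts slots that
    // are allocated but were never written.
    pub fn in_bounds_by_capacity(&self, key: usize) -> bool {
        key < self.entries.capacity()
    }
    // Corrected bound: only slots below len hold initialized entries.
    pub fn in_bounds_by_len(&self, key: usize) -> bool {
        key < self.entries.len()
    }
    // Two disjoint mutable references, validated against len before any access.
    pub fn get2_mut(&mut self, a: usize, b: usize) -> Result<(&mut u32, &mut u32), KeyError> {
        if a == b {
            return Err(KeyError::Overlapping);
        }
        if !self.in_bounds_by_len(a) || !self.in_bounds_by_len(b) {
            return Err(KeyError::OutOfBounds);
        }
        let hi = a.max(b);
        let lo = a.min(b);
        let (left, right) = self.entries.split_at_mut(hi);
        let x = left[lo].as_mut().ok_or(KeyError::Vacant)?;
        let y = right[0].as_mut().ok_or(KeyError::Vacant)?;
        Ok(if a < b { (x, y) } else { (y, x) })
    }
}

// Constructed case: room for 8 entries, only 2 stored, key 5 requested.
pub fn demo() -> (bool, bool) {
    let mut s = MiniSlab::with_capacity(8);
    s.insert(10);
    s.insert(20);
    (s.in_bounds_by_capacity(5), s.in_bounds_by_len(5))
}

fn main() {
    println!("capacity check accepts key 5: {}, len check accepts it: {}", demo().0, demo().1);
}
```
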

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

AZL-74897
CVE-2025-55159
GHSA-QX2V-8332-M4FV
OESA-2025-2098
OPENSUSE-SU-2025:15444-1
OPENSUSE-SU-2025:15445-1
OPENSUSE-SU-2025:15446-1
OPENSUSE-SU-2025:15461-1
OPENSUSE-SU-2025:15470-1
OPENSUSE-SU-2025:15475-1
OPENSUSE-SU-2025:15480-1
OPENSUSE-SU-2025:15492-1
OPENSUSE-SU-2025:15497-1
OPENSUSE-SU-2025:15554-1
OPENSUSE-SU-2025:20013-1
OPENSUSE-SU-2026:10496-1
OPENSUSE-SU-2026:20329-1
OPENSUSE-SU-2026:20364-1
RUSTSEC-2025-0047
SUSE-RU-2025:4131-1
SUSE-SU-2025:02957-1
SUSE-SU-2025:02961-1
SUSE-SU-2025:02962-1
SUSE-SU-2025:20717-1
SUSE-SU-2025:20858-1
SUSE-SU-2025:20921-1
SUSE-SU-2025:3944-1
SUSE-SU-2025:3954-1
SUSE-SU-2025:3955-1
SUSE-SU-2025_20921-1
SUSE-SU-2025_3944-1
SUSE-SU-2026:20686-1
SUSE-SU-2026:20744-1

Affected Products

Debian
Suse
Slab