Buffer overflow in Tokio-rs Slab

CVE-2025-55159

slab is a pre-allocated storage for a uniform data type. In version 0.4.10, the get_disjoint_mut method incorrectly checked if indices were within the slab's capacity instead of its length, allowing access to uninitialized memory. This cou…

Vulnerability class: Buffer Overflow

EPSS: 0.002 (5.1th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References