RUSTSEC-2025-0030 – totally-safe-transmute

Package

Manager: cargo
Name: totally-safe-transmute
Vulnerable Version: >=0.0.0-0

Severity

Level: Low

CVSS v3.1: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

EPSS: N/A pctlN/A

Details

totally-safe-transmute allows transmuting any type to any other type in safe Rust This crate is a toy and should never be used. It showcases a known soundness issue (https://github.com/rust-lang/rust/issues/32670) that will never get fixed. In short, Linux provides a file called `/proc/self/mem` which can be used by a program to modify its own memory. This library modifies an enum variant number by accessing its own memory as a file to effectively transmute a variable. See also <https://doc.rust-lang.org/std/os/unix/io/index.html#procselfmem-and-similar-os-features>

Metadata

Created: 2025-02-10T12:00:00Z
Modified: 2025-05-06T20:14:30Z
Source: https://osv-vulnerabilities
CWE IDs: N/A
Alternative ID: N/A
Finding: F113
Auto approve: 1