CVE-2025-4574

Description

In crossbeam-channel rust crate, the internal `Channel` type's `Drop` method has a race condition which could, in some circumstances, lead to a double-free that could result in memory corruption.

Reserved 2025-05-12 | Published 2025-05-13 | Updated 2025-05-21 | Assigner redhat

Problem types

Double Free

Product status

Default status
unaffected

0.5.12 before 0.5.15
affected

Default status
unaffected

Default status
unaffected

Default status
affected

Default status
affected

Default status
unaffected

Default status
affected

Default status
affected

Default status
affected

Default status
affected

Default status
affected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Default status
affected

Default status
unaffected

Default status
unaffected

Default status
affected

Default status
affected

Default status
affected

Default status
unaffected

Default status
unaffected

Default status
affected

Default status
affected

Default status
affected

Default status
affected

Default status
affected

Default status
affected

Default status
affected

Default status
affected

Default status
unaffected

Default status
affected

Default status
unaffected

Default status
unaffected

Default status
affected

Default status
affected

Default status
affected

Default status
affected

Default status
unaffected

Timeline

2025-04-10:	Reported to Red Hat.
2025-04-10:	Made public.

References

access.redhat.com/security/cve/CVE-2025-4574 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2358890 (RHBZ#2358890) issue-tracking

github.com/crossbeam-rs/crossbeam/pull/1187

cve.org (CVE-2025-4574)

nvd.nist.gov (CVE-2025-4574)

Download JSON