CVE-2025-48756 | THREATINT

Description

In group_number in the scsir crate 0.2.0 for Rust, there can be an overflow because a hardware device may expect a small number of bits (e.g., 5 bits) for group number.

PUBLISHED Reserved 2025-05-24 | Published 2025-05-24 | Updated 2025-05-24 | Assigner mitre

LOW: 2.9CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Problem types

CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')

Product status

Default status

unknown

0.2.0 (semver)

affected

References

github.com/maboroshinokiseki/scsir/issues/4

crates.io/crates/scsir

cve.org (CVE-2025-48756)

nvd.nist.gov (CVE-2025-48756)

Download JSON