The library breaks the safety assumptions when using unsafe API slice::from_raw_parts_mut
. The pointer passed to from_raw_parts_mut
is misaligned by casting u8
to u16
raw pointer directly, which is unsound. The bug is patched by using align_offset
, which could make sure the memory address is aligned to 2 bytes for u16
.
This was patched in 0.11.2 in the commit.
{ "nvd_published_at": null, "cwe_ids": [], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-12-23T19:28:19Z" }