RUSTSEC-2026-0127

Source
https://rustsec.org/advisories/RUSTSEC-2026-0127
Import Source
https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2026-0127.json
JSON Data
https://api.osv.dev/v1/vulns/RUSTSEC-2026-0127
Published
2026-05-02T12:00:00Z
Modified
2026-05-13T12:30:54.055270Z
Summary
Integer overflow in `array::ReadWrite::new()` leading to potential memory corruption
Details

In `array::ReadWrite::new()` (line 83 of `accessor/src/array.rs`), `let bytes = mem::size_of::<T>() * len` can overflow `usize` when `len` is very large. In release mode, this silently wraps, potentially making `bytes = 0`. The mapper then maps with 0 bytes, and subsequent accesses (e.g. `read_volatile_at`) lead to undefined behavior or memory corruption.

Note: `array::ReadWrite::new()` itself is `unsafe`, so direct triggering requires an `unsafe` block. However, the integer overflow violates the implicit safety contract expected by callers and can lead to memory corruption downstream.
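
The wrap described above, next to a checked size computation and a bounds-checked element offset, as an added example (not code from the `accessor` crate or its fix). The function names are hypothetical and `u32` stands in for `T`.

```rust
use std::mem;

/// The advisory's size computation with release-mode semantics made explicit:
/// the product wraps instead of panicking.
fn bytes_wrapping<T>(len: usize) -> usize {
    mem::size_of::<T>().wrapping_mul(len)
}

/// Hardened computation (hypothetical helper): reject a `len` whose byte size
/// does not fit in `usize`, and reject an empty mapping.
fn bytes_checked<T>(len: usize) -> Result<usize, &'static str> {
    match mem::size_of::<T>().checked_mul(len) {
        None => Err("size_of::<T>() * len overflows usize"),
        Some(0) => Err("zero-sized mapping"),
        Some(bytes) => Ok(bytes),
    }
}

/// Byte offset of element `index`, returned only if the whole element lies
/// inside a mapping of `mapped_bytes` bytes.
fn element_offset<T>(index: usize, mapped_bytes: usize) -> Option<usize> {
    let start = mem::size_of::<T>().checked_mul(index)?;
    let end = start.checked_add(mem::size_of::<T>())?;
    if end <= mapped_bytes { Some(start) } else { None }
}

/// Smallest `len` whose byte size no longer fits in `usize`.
/// `T` must not be zero-sized (the division would panic).
fn first_overflowing_len<T>() -> usize {
    usize::MAX / mem::size_of::<T>() + 1
}

fn main() {
    let len = first_overflowing_len::<u32>();
    let wrapped = bytes_wrapping::<u32>(len);
    println!("len = {len}, wrapped byte count = {wrapped}");
    println!("checked: {:?}", bytes_checked::<u32>(len));
    // With the wrapped size, even element 1 is outside the mapped region.
    println!("element 1 in {wrapped} bytes: {:?}", element_offset::<u32>(1, wrapped));
    println!("element 1 in 16 bytes: {:?}", element_offset::<u32>(1, 16));
}
```

Callers that cannot change the constructor can apply the same `checked_mul` test to `len` before entering the `unsafe` block.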

Database specific
{
    "license": "CC0-1.0"
}
References

Affected packages

crates.io / accessor

Package

Affected ranges

Type
SEMVER
Events
Introduced
0.0.0-0

Ecosystem specific

{
    "affected_functions": null,
    "affects": {
        "os": [],
        "arch": [],
        "functions": []
    }
}

Database specific

source
"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2026-0127.json"
cvss
null
informational
"unsound"
categories
[
    "memory-corruption"
]