CVE-2020-35881
Description
The Rust crate traitobject before 2020-06-01 made unsafe assumptions about fat pointer layout, causing memory corruption in versions like Rust 2.x.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
The traitobject crate for Rust contains an unsoundness vulnerability due to its incorrect assumptions about the memory layout of fat pointers (trait objects). The data and data_mut functions directly transmute a pointer to a trait object to extract the data pointer, assuming the first field of the fat pointer is always the data pointer [1][2][4]. This assumption is not guaranteed by the Rust compiler and can change across Rust versions, potentially leading to memory corruption.
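The pattern described above, as an added example that is not the crate's own code and not part of the original page: `data_assuming_layout` reads the first word of a fat pointer's storage, which is the unguaranteed assumption, while `data_by_cast` and `data_mut_by_cast` use a pointer cast that Rust defines for any pointee. All function names are hypothetical and the sample values are constructed; the slice case goes beyond the trait objects named in the text.

```rust
use std::fmt::Debug;

/// Layout-assuming pattern: read the first word of the fat pointer's own
/// storage as the data pointer. Rust does not guarantee that field order.
unsafe fn data_assuming_layout<T: ?Sized>(val: *const T) -> *const () {
    unsafe { *(&val as *const *const T as *const *const ()) }
}

/// Layout-independent form: casting to a thin pointer drops the metadata
/// (vtable or length) and keeps the address, for any pointee type.
fn data_by_cast<T: ?Sized>(val: *const T) -> *const () {
    val as *const ()
}

fn data_mut_by_cast<T: ?Sized>(val: *mut T) -> *mut () {
    val as *mut ()
}

/// Trait-object case: the cast must return the address of the concrete value.
fn cast_recovers_trait_object_address() -> bool {
    let value: u32 = 0x00C0_FFEE; // constructed sample value
    let obj: &dyn Debug = &value;
    data_by_cast(obj as *const dyn Debug) == &value as *const u32 as *const ()
}

/// Slice case (another kind of fat pointer): address of the first element.
fn cast_recovers_slice_address() -> bool {
    let items = [1u16, 2, 3]; // constructed sample value
    let slice: &[u16] = &items;
    data_by_cast(slice as *const [u16]) == items.as_ptr() as *const ()
}

/// Mutable variant: write through the recovered pointer and read it back.
fn write_through_data_mut() -> u8 {
    let mut value: u8 = 1;
    let obj: &mut dyn Debug = &mut value;
    let raw = data_mut_by_cast(obj as *mut dyn Debug) as *mut u8;
    unsafe { *raw = 42 }; // sound: raw points at `value`, which is a u8
    value
}

fn main() {
    let value = 7i64; // constructed sample value
    let p = &value as &dyn Debug as *const dyn Debug;
    // Whether this prints true depends on the compiler's chosen layout.
    let same = unsafe { data_assuming_layout(p) } == data_by_cast(p);
    println!("first word happens to be the data pointer: {}", same);
    assert!(cast_recovers_trait_object_address() && cast_recovers_slice_address());
}
```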
The vulnerability can be exploited without authentication or user interaction over a network. An attacker could craft inputs that trigger the unsafe transmute, causing the crate to misinterpret memory and read or write arbitrary data [2]. The issue affects all versions of traitobject up to (and including) the version published on 2020-06-01.
Successful exploitation can result in complete compromise of confidentiality, integrity, and availability, with a CVSS score of 9.8 (Critical) [2]. The RustSec advisory identifies this as an unsoundness vulnerability in the memory-corruption category [2].
As of the advisory publication date, no patched version has been released. A fix was committed to the repository (commit 99b1993), but it was not published to crates.io [2][3][4]. Users are advised to avoid using the crate or to apply the fix manually. The crate appears to be unmaintained.
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| traitobject (crates.io) | <= 0.1.0 | — |
Affected products
9 versions (osv-coords):
- pkg:apk/chainguard/efs-utils (no CPE), range: < 2.2.0-r20
- pkg:apk/chainguard/efs-utils-for-aws-csi-driver (no CPE), range: < 2.2.0-r20
- pkg:apk/wolfi/efs-utils (no CPE), range: < 2.2.0-r20
- pkg:apk/wolfi/efs-utils-for-aws-csi-driver (no CPE), range: < 2.2.0-r20
- pkg:cargo/traitobject (no CPE), range: <= 0.1.0
- pkg:rpm/opensuse/aws-efs-utils&distro=openSUSE%20Leap%2015.6 (no CPE), range: < 2.3.3-150600.17.6.1
- pkg:rpm/opensuse/aws-efs-utils&distro=openSUSE%20Tumbleweed (no CPE), range: < 2.2.1-1.1
- pkg:rpm/suse/aws-efs-utils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 (no CPE), range: < 2.3.3-150600.17.6.1
- pkg:rpm/suse/aws-efs-utils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7 (no CPE), range: < 2.3.3-150600.17.6.1
Patches
No patches discovered yet.
References
- github.com/advisories/GHSA-j79j-cx3h-g27h (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2020-35881 (ghsa, ADVISORY)
- github.com/reem/rust-traitobject/issues/7 (ghsa, WEB)
- rustsec.org/advisories/RUSTSEC-2020-0027.html (ghsa, x_refsource_MISC, WEB)