Medium severity6.5GHSA Advisory· Published May 13, 2025· Updated Apr 15, 2026
CVE-2025-4574
CVE-2025-4574
Description
In crossbeam-channel rust crate, the internal Channel type's Drop method has a race condition which could, in some circumstances, lead to a double-free that could result in memory corruption.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
crossbeam-channelcrates.io | >= 0.5.12, < 0.5.15 | 0.5.15 |
Affected products
68- Range: >= 0.5.12, < 0.5.15
- osv-coords67 versionspkg:apk/chainguard/cargo-auditpkg:apk/chainguard/cargo-audit-docpkg:apk/chainguard/cargo-cpkg:apk/chainguard/denopkg:apk/chainguard/fdpkg:apk/chainguard/flake8-to-ruffpkg:apk/chainguard/lycheepkg:apk/chainguard/nushellpkg:apk/chainguard/nushell-pluginspkg:apk/chainguard/orandapkg:apk/chainguard/oxipngpkg:apk/chainguard/pixipkg:apk/chainguard/pixi-compatpkg:apk/chainguard/ruffpkg:apk/chainguard/ruff-python-formatterpkg:apk/chainguard/rust-analyzerpkg:apk/chainguard/samplypkg:apk/chainguard/starshippkg:apk/chainguard/wadmpkg:apk/chainguard/wasmcloudpkg:apk/chainguard/yara-xpkg:apk/chainguard/yara-x-compatpkg:apk/chainguard/yazipkg:apk/chainguard/zedpkg:apk/chainguard/ztunnel-1.24pkg:apk/chainguard/ztunnel-1.24-compatpkg:apk/chainguard/ztunnel-1.25pkg:apk/chainguard/ztunnel-1.25-compatpkg:apk/chainguard/ztunnel-fips-1.24pkg:apk/chainguard/ztunnel-fips-1.24-compatpkg:apk/chainguard/ztunnel-fips-1.25pkg:apk/chainguard/ztunnel-fips-1.25-compatpkg:apk/wolfi/cargo-auditpkg:apk/wolfi/cargo-audit-docpkg:apk/wolfi/cargo-cpkg:apk/wolfi/denopkg:apk/wolfi/fdpkg:apk/wolfi/flake8-to-ruffpkg:apk/wolfi/lycheepkg:apk/wolfi/nushellpkg:apk/wolfi/nushell-pluginspkg:apk/wolfi/orandapkg:apk/wolfi/oxipngpkg:apk/wolfi/pixipkg:apk/wolfi/pixi-compatpkg:apk/wolfi/ruffpkg:apk/wolfi/ruff-python-formatterpkg:apk/wolfi/rust-analyzerpkg:apk/wolfi/samplypkg:apk/wolfi/starshippkg:apk/wolfi/wadmpkg:apk/wolfi/wasmcloudpkg:apk/wolfi/yara-xpkg:apk/wolfi/yara-x-compatpkg:apk/wolfi/yazipkg:apk/wolfi/zedpkg:apk/wolfi/ztunnel-1.24pkg:apk/wolfi/ztunnel-1.24-compatpkg:apk/wolfi/ztunnel-1.25pkg:apk/wolfi/ztunnel-1.25-compatpkg:cargo/crossbeam-channelpkg:rpm/opensuse/cargo-audit&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/cargo-c&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cargo-c&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/python-maturin&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/cargo-c&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/cargo-c&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
< 0.21.2-r3+ 66 more
- (no CPE)range: < 0.21.2-r3
- (no CPE)range: < 0.21.2-r3
- (no CPE)range: < 0.10.12-r1
- (no CPE)range: < 2.2.9-r0
- (no CPE)range: < 10.2.0-r2
- (no CPE)range: < 0.11.5-r1
- (no CPE)range: < 0.18.1-r4
- (no CPE)range: < 0.103.0-r4
- (no CPE)range: < 0.103.0-r4
- (no CPE)range: < 0.6.5-r5
- (no CPE)range: < 9.1.4-r1
- (no CPE)range: < 0.45.0-r2
- (no CPE)range: < 0.45.0-r2
- (no CPE)range: < 0.11.5-r1
- (no CPE)range: < 0.11.5-r1
- (no CPE)range: < 20240722-r3
- (no CPE)range: < 0.13.1-r3
- (no CPE)range: < 1.22.1-r1
- (no CPE)range: < 0.21.0-r2
- (no CPE)range: < 1.7.1-r2
- (no CPE)range: < 0.14.0-r2
- (no CPE)range: < 0.14.0-r2
- (no CPE)range: < 25.4.8-r1
- (no CPE)range: < 0.181.6-r0
- (no CPE)range: < 1.24.4-r4
- (no CPE)range: < 1.24.4-r4
- (no CPE)range: < 1.25.1-r2
- (no CPE)range: < 1.25.1-r2
- (no CPE)range: < 1.24.4-r2
- (no CPE)range: < 1.24.4-r2
- (no CPE)range: < 1.25.1-r2
- (no CPE)range: < 1.25.1-r2
- (no CPE)range: < 0.21.2-r3
- (no CPE)range: < 0.21.2-r3
- (no CPE)range: < 0.10.12-r1
- (no CPE)range: < 2.2.9-r0
- (no CPE)range: < 10.2.0-r2
- (no CPE)range: < 0.11.5-r1
- (no CPE)range: < 0.18.1-r4
- (no CPE)range: < 0.103.0-r4
- (no CPE)range: < 0.103.0-r4
- (no CPE)range: < 0.6.5-r5
- (no CPE)range: < 9.1.4-r1
- (no CPE)range: < 0.45.0-r2
- (no CPE)range: < 0.45.0-r2
- (no CPE)range: < 0.11.5-r1
- (no CPE)range: < 0.11.5-r1
- (no CPE)range: < 20240722-r3
- (no CPE)range: < 0.13.1-r3
- (no CPE)range: < 1.22.1-r1
- (no CPE)range: < 0.21.0-r2
- (no CPE)range: < 1.7.1-r2
- (no CPE)range: < 0.14.0-r2
- (no CPE)range: < 0.14.0-r2
- (no CPE)range: < 25.4.8-r1
- (no CPE)range: < 0.181.6-r0
- (no CPE)range: < 1.24.4-r4
- (no CPE)range: < 1.24.4-r4
- (no CPE)range: < 1.25.1-r2
- (no CPE)range: < 1.25.1-r2
- (no CPE)range: >= 0.5.12, < 0.5.15
- (no CPE)range: < 0.21.2~git0.18e58c2-2.1
- (no CPE)range: < 0.10.15-160000.1.1
- (no CPE)range: < 0.10.3~git0.ee7d7ef-4.1
- (no CPE)range: < 1.4.0-150600.3.6.1
- (no CPE)range: < 0.10.15-160000.1.1
- (no CPE)range: < 0.10.15-160000.1.1
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.