Borrowck Scarifices exposes uninitialized memory in any_as_u8_slice

The safe function any_as_u8_slice can create byte slices that reference uninitialized memory when used with types containing padding bytes.

The function uses slice::from_raw_parts to create a &[u8] covering the entire size of a type, including padding bytes. According to Rust's documentation, from_raw_parts requires all bytes to be properly initialized, but padding bytes in structs are not guaranteed to be initialized. This violates the safety contract and causes undefined behavior.

Published: Oct 22, 2025
Updated: Oct 23, 2025
GHSA: GHSA-xcpm-76hf-c9cc
Severity: Low
Exploit:

No technical information available.

CWEs:

CWE-824

Affected Software
References

Software	From	Fixed in
borrowck_sacrifices	-	0.2.0

https://github.com/alexpyattaev/borrowck_sacrifices/commit/1bdaa14da68a6e8207f9e81359116f53139800f2
https://github.com/alexpyattaev/borrowck_sacrifices/issues/1
https://rustsec.org/advisories/RUSTSEC-2025-0107.html

Vulnerability Database

Borrowck Scarifices exposes uninitialized memory in any_as_u8_slice

Deep Security Visibility Without the Complexity