Description

In crossbeam-channel rust crate, the internal `Channel` type's `Drop` method has a race condition which could, in some circumstances, lead to a double-free that could result in memory corruption.

INFO

Published Date :

2025-05-13T21:47:24.951Z

Last Modified :

2026-03-26T22:05:38.880Z

Source :

redhat
AFFECTED PRODUCTS

The following products are affected by CVE-2025-4574 vulnerability.

Vendors Products
Redhat
  • Directory Server
  • Enterprise Linux
  • Openshift
  • Openshift Ai
  • Satellite
  • Trusted Artifact Signer
  • Trusted Profile Analyzer
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-4574.

URL Resource
https://access.redhat.com/security/cve/CVE-2025-4574 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2358890 cve-icon cve-icon
https://github.com/advisories/GHSA-pg9f-39pc-qf8g cve-icon cve-icon
https://github.com/crossbeam-rs/crossbeam/pull/1187 cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-4574 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-4574 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact