CVE-2025-48752: Process Sync has a Potential Unsound Issue in SharedMutex

May 24, 2025 (updated May 27, 2025)

In the process-sync crate 0.2.2 for Rust, the drop function lacks a check for whether the pthread_mutex is unlocked.

References

crates.io/crates/process-sync
github.com/Forestryks/process-sync-rs
github.com/Forestryks/process-sync-rs/issues/3
github.com/advisories/GHSA-mqwx-r894-9hfp
nvd.nist.gov/vuln/detail/CVE-2025-48752

Code Behaviors & Features

Detect and mitigate CVE-2025-48752 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →