Intel

AIKIDO-2026-359665

cxx is vulnerable to Use of Uninitialized Variable

Use of Uninitialized Variable Pre-CVE
Found by Aikido Intel before public disclosure or CVE publication.
Published 3 days ago

28

Low Risk

This Affects:

RUSTcxx
0.0.1 - 1.0.195
Fixed in 1.0.196
Are you affected? Scan for Free

TL;DR

The let_cxx_string! macro in the cxx crate has an exception safety vulnerability where a StackString is created before the match expression evaluates, and if that expression panics, the uninitialized StackString's drop implementation unconditionally deinitializes uninitialized memory, causing segmentation faults. The fix is non-trivial because simply reordering initialization doesn't work—the init() method itself can panic when calling user-provided AsRef implementations, perpetuating the soundness issue.

Who does this affect?

You are affected if you are using a version that falls within the vulnerable range.

Background info

cxx is vulnerable to Use of Uninitialized Variable in versions 0.0.1 - 1.0.195.

How to fix this

Upgrade the cxx library to the patch version.