History: Nov 10, 2022 - 8:15 p.m.

CVE-2022-39394

2022-11-10 20:15:11
CWE-787
web.nvd.nist.gov
wasmtime
cve-2022-39394
buffer overflow
security vulnerability
web assembly

CVSS3: 9.8 High

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 9.5 High (Confidence: High)

EPSS: 0.002 Low (Percentile: 59.6%)

Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime’s C API implementation where the definition of the wasmtime_trap_code function does not match its declared signature in the wasmtime/trap.h header file. This discrepancy causes the function implementation to perform a 4-byte write into a 1-byte buffer provided by the caller, which can lead to three zero bytes being written beyond the 1-byte location provided by the caller. This bug has been patched and users should upgrade to Wasmtime 2.0.2. The bug can be worked around by providing a 4-byte buffer cast to a 1-byte buffer when calling wasmtime_trap_code. Users of the wasmtime crate are not affected by this issue; only users of the C API function wasmtime_trap_code are affected.
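An added illustration (not Wasmtime's code and not part of the original advisory) of the size mismatch and the workaround described above. The names mismatched_trap_code, trap_code_t, neighbours_clobbered and workaround_trap_code are hypothetical stand-ins; the wide store is modelled as the code byte followed by three zero bytes, and every write stays inside a 4-byte region so the demo itself is in bounds.

```c
#include <stdint.h>
#include <string.h>

/* Stand-in for the 1-byte code type the header declares (assumed name). */
typedef uint8_t trap_code_t;

/* Hypothetical model of the pre-2.0.2 definition: it stores the code as a
 * 4-byte value, i.e. the code byte followed by three zero bytes. */
static void mismatched_trap_code(void *out, uint8_t code) {
    uint8_t wide[4] = { code, 0, 0, 0 };
    memcpy(out, wide, sizeof wide);
}

/* Caller follows the header literally: a 1-byte slot with other data right
 * behind it. The 4-byte region keeps this demo itself in bounds.
 * Returns how many neighbouring bytes were overwritten. */
int neighbours_clobbered(uint8_t code) {
    uint8_t region[4] = { 0xFF, 0xAA, 0xAA, 0xAA }; /* constructed sample */
    trap_code_t *slot = &region[0];
    mismatched_trap_code(slot, code);
    int changed = 0;
    for (int i = 1; i < 4; i++)
        if (region[i] != 0xAA) changed++;
    return changed;
}

/* Workaround from the advisory: hand over a 4-byte buffer cast to the
 * 1-byte pointer type, so the wide store stays inside caller-owned memory.
 * The guard byte after the buffer must come back untouched. */
int workaround_trap_code(uint8_t code, uint8_t *guard_after) {
    struct { uint32_t buf; uint8_t guard; } s;
    s.buf = 0xFFFFFFFFu;
    s.guard = 0xAA;
    mismatched_trap_code((trap_code_t *)&s.buf, code);
    *guard_after = s.guard;
    return *(trap_code_t *)&s.buf; /* first byte holds the code */
}

int main(void) {
    uint8_t guard = 0;
    int ok = neighbours_clobbered(11) == 3
          && workaround_trap_code(11, &guard) == 11
          && guard == 0xAA;
    return ok ? 0 : 1;
}
```

The same pattern applies to a real caller on an unpatched build: declare the output as a 4-byte variable, pass its address cast to the 1-byte pointer type, and read only the first byte.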

Affected configurations

Node: bytecodealliance wasmtime, Range: < 2.0.2

Vendor: bytecodealliance
Product: wasmtime
Version: *
CPE: cpe:2.3:a:bytecodealliance:wasmtime:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "bytecodealliance",
    "product": "wasmtime",
    "versions": [
      {
        "version": "< 2.0.2",
        "status": "affected"
      }
    ]
  }
]
