Lucene search

PRIOn knowledge basePRION:CVE-2023-52284

HistoryDec 31, 2023 - 6:15 a.m.

Double free

2023-12-3106:15:00

PRIOn knowledge base

www.prio-n.com

bytecode alliance

wasm-micro-runtime

double free

corruption

error fix

webassembly

module

push_pop_frame_ref_offset

mishandled

7.2 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.5%

JSON

Bytecode Alliance wasm-micro-runtime (aka WebAssembly Micro Runtime or WAMR) before 1.3.0 can have an “double free or corruption” error for a valid WebAssembly module because push_pop_frame_ref_offset is mishandled.

CPENameOperatorVersion
webassembly_micro_runtimelt1.3.0

CPE	Name	Operator	Version
	webassembly_micro_runtime	lt	1.3.0

References

github.com/bytecodealliance/wasm-micro-runtime/compare/WAMR-1.2.3...WAMR-1.3.0

github.com/bytecodealliance/wasm-micro-runtime/issues/2586

github.com/bytecodealliance/wasm-micro-runtime/pull/2590