Lucene search
RustsecRUSTSEC-2021-0067HistoryMay 21, 2021 - 12:00 p.m.
Memory access due to code generation flaw in Cranelift module
2021-05-2112:00:00
rustsec.org
3
0.001 Low
EPSS
Percentile
34.9%
There is a bug in 0.73.0 of the Cranelift x64 backend that can create a
scenario that could result in a potential sandbox escape in a WebAssembly
module. Users of versions 0.73.0 of Cranelift should upgrade to either 0.73.1
or 0.74 to remediate this vulnerability. Users of Cranelift prior to 0.73.0
should update to 0.73.1 or 0.74 if they were not using the old default backend.
More details can be found in the GitHub Security Advisory at:
<https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-hpqh-2wqx-7qp5>
| CPE | Name | Operator | Version |
|---|---|---|---|
| cranelift-codegen | lt | 0.73.1 |
Related
cve
cve
CVE-2021-32629
2021-05-24 16:15:08
osv
osv
Memory access due to code generation flaw in Cranelift module
2021-05-21 12:00:00
PYSEC-2021-87
2021-05-24 16:15:00
CVE-2021-32629
2021-05-24 16:15:08
nvd
nvd
CVE-2021-32629
2021-05-24 16:15:08
github
github
Memory access due to code generation flaw in Cranelift module
2021-08-25 21:01:55
prion
prion
Heap overflow
2021-05-24 16:15:00
cvelist
cvelist
CVE-2021-32629 Memory access due to code generation flaw in Cranelift module
2021-05-24 15:35:11