CVE-2023-52284

WAMR (wasm-micro-runtime) versions prior to 1.3.0 are affected by CVE-2023-52284 due to mishandling of push_pop_frame_ref_offset, which can lead to a double free or memory corruption when processing a valid WebAssembly module. The issue is rooted in the runtime’s frame reference offset handling. ...

CVE-2023-52284

Bytecode Alliance wasm-micro-runtime aka WebAssembly Micro Runtime or WAMR before 1.3.0 can have an "double free or corruption" error for a valid WebAssembly module because pushpopframerefoffset is mishandled...

PT-2023-31956 · Bytecode Alliance · Wasm-Micro-Runtime

Name of the Vulnerable Software and Affected Versions: Bytecode Alliance wasm-micro-runtime versions prior to 1.3.0 Description: The issue arises from the mishandling of push pop frame ref offset, leading to a "double free or corruption" error for a valid WebAssembly module. Recommendations: For...

CVE-2023-48105

An heap overflow vulnerability was discovered in Bytecode alliance wasm-micro-runtime v.1.2.3 allows a remote attacker to cause a denial of service via the wasmloaderpreparebytecode function in core/iwasm/interpreter/wasmloader.c...

CVE-2023-48105

An heap overflow vulnerability was discovered in Bytecode alliance wasm-micro-runtime v.1.2.3 allows a remote attacker to cause a denial of service via the wasmloaderpreparebytecode function in core/iwasm/interpreter/wasmloader.c...

CVE-2023-48105

An heap overflow vulnerability was discovered in Bytecode alliance wasm-micro-runtime v.1.2.3 allows a remote attacker to cause a denial of service via the wasmloaderpreparebytecode function in core/iwasm/interpreter/wasmloader.c...

CVE-2023-48105

An heap overflow vulnerability was discovered in Bytecode alliance wasm-micro-runtime v.1.2.3 allows a remote attacker to cause a denial of service via the wasmloaderpreparebytecode function in core/iwasm/interpreter/wasmloader.c...

PT-2023-30698 · Bytecode Alliance · Wasm-Micro-Runtime

Name of the Vulnerable Software and Affected Versions: Bytecode alliance wasm-micro-runtime version 1.2.3 Description: A heap overflow issue was discovered, allowing a remote attacker to cause a denial of service via the wasm loader prepare bytecode function in core/iwasm/interpreter/wasm loader....

CVE-2023-48105

An heap overflow vulnerability was discovered in Bytecode alliance wasm-micro-runtime v.1.2.3 allows a remote attacker to cause a denial of service via the wasmloaderpreparebytecode function in core/iwasm/interpreter/wasmloader.c...

Wasmtime 安全漏洞

Wasmtime is a standalone WebAssembly and WASI-only wasm optimization runtime open-sourced by the Bytecode Alliance. A security vulnerability exists in versions of Wasmtime prior to 2.0.2 that stems from a data leak between instances in its pool allocator...

GHSA-JQWC-C49R-4W2X Miscompilation of `i8x16.swizzle` and `select` with v128 inputs

Impact Wasmtime's implementation of the SIMD proposal for WebAssembly on x8664 contained two distinct bugs in the instruction lowerings implemented in Cranelift. The aarch64 implementation of the simd proposal is not affected. The bugs were presented in the i8x16.swizzle and select WebAssembly...

Miscompilation of `i8x16.swizzle` and `select` with v128 inputs

Impact Wasmtime's implementation of the SIMD proposal for WebAssembly on x8664 contained two distinct bugs in the instruction lowerings implemented in Cranelift. The aarch64 implementation of the simd proposal is not affected. The bugs were presented in the i8x16.swizzle and select WebAssembly...

Lucet Resource Management Error Vulnerability

Lucet is an open source, native WebAssembly compiler and runtime from the Bytecode Alliance organization. Lucet has a resource management error vulnerability that stems from the presence of post-release usage in Lucet's Instance object, which can be exploited by attackers to cause memory...

Wrong type for `Linker`-define functions when used across two `Engine`s

Impact As a Rust library the wasmtime crate clearly marks which functions are safe and which are unsafe, guaranteeing that if consumers never use unsafe then it should not be possible to have memory unsafety issues in their embeddings of Wasmtime. An issue was discovered in the safe API of...

CVE-2021-32629

Cranelift is an open-source code generator maintained by Bytecode Alliance. It translates a target-independent intermediate representation into executable machine code. There is a bug in 0.73 of the Cranelift x64 backend that can create a scenario that could result in a potential sandbox escape i...

PYSEC-2021-87

Cranelift is an open-source code generator maintained by Bytecode Alliance. It translates a target-independent intermediate representation into executable machine code. There is a bug in 0.73 of the Cranelift x64 backend that can create a scenario that could result in a potential sandbox escape i...

CVE-2021-32629

Cranelift’s x64 backend bug in 0.73 (and certain earlier builds when the new backend is explicitly selected) can sign-extend a loaded i32 value, potentially enabling sandbox escapes in Wasm modules and exposing memory up to 2 GiB before the heap. Wasmtime and Lucet using Cranelift may be exploita...