CVE-2024-47763 Wasmtime runtime crash when combining tail calls with trapping imports

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

CVE-2024-47763

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

CVE-2024-47763 Wasmtime runtime crash when combining tail calls with trapping imports

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

CVE-2024-47763

The CVE-2024-47763 issue affects Wasmtime’s WebAssembly runtime, where tail-call support combined with stack traces can trigger a crash. Root cause: when a WebAssembly function uses return_call/return_call_indirect/return_call_ref to a host function that captures a stack trace, the stack-walking ...

CVE-2024-47763 Wasmtime runtime crash when combining tail calls with trapping imports

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

Wasmtime 安全漏洞

Wasmtime is a standalone WebAssembly and WASI-only wasm optimization runtime open-sourced by the Bytecode Alliance. A security vulnerability exists in Wasmtime. An attacker exploiting this vulnerability could cause denial of access...

Race condition could lead to WebAssembly control-flow integrity and type safety violations

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-7qmx-3fpx-r45m. For more information see the GitHub-hosted security advisory...

RUSTSEC-2024-0439 Race condition could lead to WebAssembly control-flow integrity and type safety violations

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-7qmx-3fpx-r45m. For more information see the GitHub-hosted security advisory...

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 128.2.3 MFSA 2024-43 bsc1229821 CVE-2024-8394: Crash when aborting verification of OTR chat. CVE-2024-8385: WASM type confusion involving ArrayTypes. CVE-2024-8381: Type confusion when looking up a property name in...

mozilla: WASM type confusion involving ArrayTypes

The Mozilla Foundation's Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability...

mozilla: WASM type confusion involving ArrayTypes

The Mozilla Foundation's Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability...

mozilla: WASM type confusion involving ArrayTypes

The Mozilla Foundation's Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability...

mozilla: WASM type confusion involving ArrayTypes

The Mozilla Foundation's Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability...

mozilla: WASM type confusion involving ArrayTypes

The Mozilla Foundation's Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability...

mozilla: WASM type confusion involving ArrayTypes

The Mozilla Foundation's Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability...

mozilla: WASM type confusion involving ArrayTypes

The Mozilla Foundation's Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability...

mozilla: WASM type confusion involving ArrayTypes

The Mozilla Foundation's Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability...

Important: firefox

Issue Overview: Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox 129, Firefox ESR 115.14, Firefox ESR 128.1, Thunderbird 128.1, and Thunderbird...

Amazon Linux 2 : firefox (ALASFIREFOX-2024-030)

The version of firefox installed on the remote host is prior to 115.14.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2024-030 advisory. Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be...

mozilla: WASM type confusion involving ArrayTypes

The Mozilla Foundation's Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability...