PT-2023-20961 · Unknown +1 · Webassembly +1

Name of the Vulnerable Software and Affected Versions: WebAssembly version 1.0.29 Description: A segmentation fault was discovered in WebAssembly via the component wabt::cat compute size. Recommendations: For version 1.0.29, at the moment, there is no information about a newer version that contai...

GHSA-XM67-587Q-R2VW wasmtime vulnerable to miscompilation of `i8x16.select` with the same inputs on x86_64

Impact Wasmtime's code generation backend, Cranelift, has a bug on x8664 platforms for the WebAssembly i8x16.select instruction which will produce the wrong results when the same operand is provided to the instruction and some of the selected indices are greater than 16. There is an off-by-one...

wasmtime vulnerable to miscompilation of `i8x16.select` with the same inputs on x86_64

Impact Wasmtime's code generation backend, Cranelift, has a bug on x8664 platforms for the WebAssembly i8x16.select instruction which will produce the wrong results when the same operand is provided to the instruction and some of the selected indices are greater than 16. There is an off-by-one...

CVE-2023-27477

wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's code generation backend, Cranelift, has a bug on x8664 platforms for the WebAssembly i8x16.select instruction which will produce the wrong results when the same operand is provided to the instruction and some of the selected indice...

Code injection

wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's code generation backend, Cranelift, has a bug on x8664 platforms for the WebAssembly i8x16.select instruction which will produce the wrong results when the same operand is provided to the instruction and some of the selected indice...

Out-of-bounds

wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime's code generator, Cranelift, has a bug on x8664 targets where address-mode computation mistakenly would calculate a 35-bit effective address instead of WebAssembly's defined 33-bit effective address. This bug mea...

CVE-2023-26489 Guest-controlled out-of-bounds read/write on x86_64 in wasmtime

wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime's code generator, Cranelift, has a bug on x8664 targets where address-mode computation mistakenly would calculate a 35-bit effective address instead of WebAssembly's defined 33-bit effective address. This bug mea...

CVE-2023-26489

wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime's code generator, Cranelift, has a bug on x8664 targets where address-mode computation mistakenly would calculate a 35-bit effective address instead of WebAssembly's defined 33-bit effective address. This bug mea...

CVE-2023-26489 Guest-controlled out-of-bounds read/write on x86_64 in wasmtime

wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime's code generator, Cranelift, has a bug on x8664 targets where address-mode computation mistakenly would calculate a 35-bit effective address instead of WebAssembly's defined 33-bit effective address. This bug mea...

CVE-2023-26489

Summary of CVE-2023-26489 (wasmtime/Cranelift): In x86_64, Cranelift’s address-mode computation could extend a 32-bit WebAssembly address to 64 bits, producing an effective address up to 35 bits away from linear memory. With default codegen, this allowed wasm-controlled loads/stores to read/write...

CVE-2023-27477

wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's code generation backend, Cranelift, has a bug on x8664 platforms for the WebAssembly i8x16.select instruction which will produce the wrong results when the same operand is provided to the instruction and some of the selected indice...

Wasmtime 缓冲区错误漏洞

Wasmtime, a Bytecode Consortium project, is a standalone wasm-optimized runtime for WebAssembly and WASI only. Wasmtime suffers from a buffer error vulnerability that stems from the code generator's address pattern calculation incorrectly calculating valid addresses, which can be exploited by an...

CVE-2023-27477

Wasmtime Cranelift on x86_64 has a codegen bug for i8x16.select that can yield incorrect results when the same operand is used and some selected indices exceed 16. The off-by-one error in the mask calculation for pshufb may cause wrong results when lanes are taken from the second vector. This iss...

Wasmtime 安全漏洞

Wasmtime, a Bytecode Consortium project, is a standalone wasm-optimized runtime for WebAssembly and WASI only. A security vulnerability exists in Wasmtime that stems from the presence of a directive error that would produce incorrect results...

CVE-2023-27477

wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's code generation backend, Cranelift, has a bug on x8664 platforms for the WebAssembly i8x16.select instruction which will produce the wrong results when the same operand is provided to the instruction and some of the selected indice...

CVE-2023-27477

wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's code generation backend, Cranelift, has a bug on x8664 platforms for the WebAssembly i8x16.select instruction which will produce the wrong results when the same operand is provided to the instruction and some of the selected indice...

PT-2023-21154 · Wasmtime · Wasmtime

Name of the Vulnerable Software and Affected Versions: wasmtime versions prior to 4.0.1 wasmtime versions prior to 5.0.1 wasmtime versions prior to 6.0.1 Description: The code generation backend, Cranelift, has a bug on x86 64 platforms for the WebAssembly i8x16.select instruction which will...

SUSE CVE-2017-5132

Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation...

SUSE CVE-2017-15413

Type confusion in WebAssembly in V8 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

SUSE CVE-2017-15429

Inappropriate implementation in V8 WebAssembly JS bindings in Google Chrome prior to 63.0.3239.108 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...