Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: um: Add winch to winchhandlers before registering the winchIRQ. Registering a winchIRQ can lead to a race condition; an interrupt may occur before the winch is added to the winchhandlers list. If this happens, registerwinchirq wi...

SUSE CVE-2026-34987

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime with its Winch baseline non-default compiler backend may allow properly constructed guest Wasm to access host memory outside of its linear-memory sandbox. This vulnerability requires use of the Winch...

SUSE CVE-2026-35186

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler backend contains a bug where translating the table.grow operator causes the result to be incorrectly typed. For 32-bit tables this means that the result of the operator, internally i...

SUSE CVE-2026-34945

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...

SUSE CVE-2026-34946

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a vulnerability where the compilation of the table.fill instruction can result in a host panic. This means that a valid guest can be compiled with Winch, on any architecture...

Wasmtime has improperly masked return value from `table.grow` with Winch compiler backend

Impact Wasmtime's Winch compiler backend contains a bug where translating the table.grow operator causes the result to be incorrectly typed. For 32-bit tables this means that the result of the operator, internally in Winch, is tagged as a 64-bit value instead of a 32-bit value. This invalid...

EUVD-2026-21037

Wasmtime has improperly masked return value from table.grow with Winch compiler backend...

GHSA-F984-PCP8-V2P7 Wasmtime has improperly masked return value from `table.grow` with Winch compiler backend

Impact Wasmtime's Winch compiler backend contains a bug where translating the table.grow operator causes the result to be incorrectly typed. For 32-bit tables this means that the result of the operator, internally in Winch, is tagged as a 64-bit value instead of a 32-bit value. This invalid...

GHSA-XX5W-CVP6-JV83 Wasmtime with Winch compiler backend on aarch64 may allow a sandbox-escaping memory access

Impact Wasmtime with its Winch baseline non-default compiler backend may allow properly constructed guest Wasm to access host memory outside of its linear-memory sandbox. This vulnerability requires use of the Winch compiler -Ccompiler=winch. By default, Wasmtime uses its Cranelift backend, not...

EUVD-2026-21031

Wasmtime with Winch compiler backend on aarch64 may allow a sandbox-escaping memory access...

Wasmtime with Winch compiler backend on aarch64 may allow a sandbox-escaping memory access

Impact Wasmtime with its Winch baseline non-default compiler backend may allow properly constructed guest Wasm to access host memory outside of its linear-memory sandbox. This vulnerability requires use of the Winch compiler -Ccompiler=winch. By default, Wasmtime uses its Cranelift backend, not...

CVE-2026-35186

A flaw was found in Wasmtime, a runtime for WebAssembly. The Winch compiler backend incorrectly handles the table.grow operator, leading to an internal type mismatch. This can result in a Denial of Service DoS, where the host process crashes. Additionally, under specific configurations with...

CVE-2026-34945

A flaw was found in Wasmtime's Winch compiler. This vulnerability, present in versions from 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, arises from an incorrect translation of the table.size instruction for 64-bit WebAssembly tables. An attacker, by crafting a malicious WebAssembly guest, could...

CVE-2026-34946

A flaw was found in Wasmtime, a runtime for WebAssembly Wasm code. A malicious Wasm program, when processed by Wasmtime's Winch compiler, can cause the underlying system to crash. This is due to an error in how the compiler handles certain instructions, leading to a Denial of Service DoS...

CVE-2026-34987

A flaw was found in Wasmtime, a runtime for WebAssembly. When using its non-default Winch compiler backend, a properly constructed guest WebAssembly Wasm module can exploit an incorrect assumption in how memory offsets are handled. This allows the guest Wasm to access host memory outside its...

GHSA-Q49F-XG75-M9XW Wasmtime has host panic when Winch compiler executes `table.fill`

Impact Wasmtime's Winch compiler contains a vulnerability where the compilation of the table.fill instruction can result in a host panic. This means that a valid guest can be compiled with Winch, on any architecture, and cause the host to panic. This represents a denial-of-service vulnerability i...

EUVD-2026-21025

Wasmtime has host panic when Winch compiler executes table.fill...

Wasmtime has host panic when Winch compiler executes `table.fill`

Impact Wasmtime's Winch compiler contains a vulnerability where the compilation of the table.fill instruction can result in a host panic. This means that a valid guest can be compiled with Winch, on any architecture, and cause the host to panic. This represents a denial-of-service vulnerability i...

EUVD-2026-21024

Wasmtime has host data leakage with 64-bit tables and Winch...

Wasmtime has host data leakage with 64-bit tables and Winch

Impact Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the host's stack to WebAssembly guests. The host's stack can possibly contain sensitive...