1000 matches found
PT-2022-37433 · Mimalloc · Mimalloc
Name of the Vulnerable Software and Affected Versions: mimalloc affected versions not specified Description: The issue arises from a change in the mimalloc allocator's logic, which broke a promise regarding alignments. This change caused the crate to return memory with incorrect alignment for...
Wasmtime may have data leakage between instances in the pooling allocator
Impact There is a bug in Wasmtime's implementation of it's pooling instance allocator where when a linear memory is reused for another instance the initial heap snapshot of the prior instance can be visible, erroneously to the next instance. The pooling instance allocator in Wasmtime works by...
GHSA-WH6W-3828-G9QF Wasmtime may have data leakage between instances in the pooling allocator
Impact There is a bug in Wasmtime's implementation of it's pooling instance allocator where when a linear memory is reused for another instance the initial heap snapshot of the prior instance can be visible, erroneously to the next instance. The pooling instance allocator in Wasmtime works by...
Wasmtime out of bounds read/write with zero-memory-pages configuration
Impact There is a bug in Wasmtime's implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration the virtual memory mapping for WebAssembly memories did not meet the compiler-required...
GHSA-44MR-8VMM-WJHG Wasmtime out of bounds read/write with zero-memory-pages configuration
Impact There is a bug in Wasmtime's implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration the virtual memory mapping for WebAssembly memories did not meet the compiler-required...
CVE-2022-39392
Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration, the virtual memory mappi...
UBUNTU-CVE-2022-39392
Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration, the virtual memory mappi...
Out-of-bounds
Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration, the virtual memory mappi...
UBUNTU-CVE-2022-39393
Wasmtime is a standalone runtime for WebAssembly. Prior to versions 2.0.2 and 1.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator where when a linear memory is reused for another instance the initial heap snapshot of the prior instance can be visible, erroneously ...
CVE-2022-39393
Wasmtime is a standalone runtime for WebAssembly. Prior to versions 2.0.2 and 1.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator where when a linear memory is reused for another instance the initial heap snapshot of the prior instance can be visible, erroneously ...
Design/Logic Flaw
Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator where when a linear memory is reused for another instance the initial heap snapshot of the prior instance can be visible, erroneously to the next...
RUSTSEC-2022-0075 Bug in pooling instance allocator
bug in Wasmtime's implementation of its pooling instance allocator where when a linear memory is reused for another instance the initial heap snapshot of the prior instance can be visible, erroneously to the next instance. Mitigations are described here...
Bug in pooling instance allocator
bug in Wasmtime's implementation of its pooling instance allocator where when a linear memory is reused for another instance the initial heap snapshot of the prior instance can be visible, erroneously to the next instance. Mitigations are described here...
RUSTSEC-2022-0076 Bug in Wasmtime implementation of pooling instance allocator
Bug in Wasmtime's implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration, the virtual memory mapping for WebAssembly memories did not meet the compiler-required configuration...
Bug in Wasmtime implementation of pooling instance allocator
Bug in Wasmtime's implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration, the virtual memory mapping for WebAssembly memories did not meet the compiler-required configuration...
CVE-2022-39392 Wasmtime vulnerable to out of bounds read/write with zero-memory-pages configuration
Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration, the virtual memory mappi...
CVE-2022-39393
Wasmtime vulnerability CVE-2022-39393: prior to versions 2.0.2 and 1.0.2, a bug in the pooling instance allocator can cause the initial heap snapshot of a prior instance to be visible to the next instance when reusing linear memory. This data leakage between instances can lead to information expo...
CVE-2022-39393 Wasmtime vulnerable to data leakage between instances in the pooling allocator
Wasmtime is a standalone runtime for WebAssembly. Prior to versions 2.0.2 and 1.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator where when a linear memory is reused for another instance the initial heap snapshot of the prior instance can be visible, erroneously ...
CVE-2022-39393 Wasmtime vulnerable to data leakage between instances in the pooling allocator
Wasmtime is a standalone runtime for WebAssembly. Prior to versions 2.0.2 and 1.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator where when a linear memory is reused for another instance the initial heap snapshot of the prior instance can be visible, erroneously ...
CVE-2022-39393 Wasmtime vulnerable to data leakage between instances in the pooling allocator
Wasmtime is a standalone runtime for WebAssembly. Prior to versions 2.0.2 and 1.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator where when a linear memory is reused for another instance the initial heap snapshot of the prior instance can be visible, erroneously ...