Lucene search
+L

7 matches found

vulnersOsv
vulnersOsv
added 2021/11/30 10:20 p.m.8 views

embly-wrapper (=0.0.2), wasi-common-lucet (>=0.4.0 <=0.4.2) potentially affected by CVE-2021-43790 via lucet-runtime (>=0.4.3 <=0.6.1)

lucet-runtime CARGO version =0.4.3, =0.4.0, =0.4.2 Source cves: CVE-2021-43790 Source advisory: OSV:GHSA-HF79-8HJP-RRVQ...

8.5CVSS7.2AI score0.01566EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2021/11/30 10:20 p.m.34 views

Use After Free in lucet

Impact There is a bug in the main branch of Lucet's lucet-runtime that allows a use-after-free in an Instance object that could result in memory corruption, data race, or other related issues. This bug was introduced early in the development of Lucet and is present in all releases. As a result of...

8.5CVSS7.5AI score0.01566EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2021/11/30 10:20 p.m.2 views

GHSA-HF79-8HJP-RRVQ Use After Free in lucet

Impact There is a bug in the main branch of Lucet's lucet-runtime that allows a use-after-free in an Instance object that could result in memory corruption, data race, or other related issues. This bug was introduced early in the development of Lucet and is present in all releases. As a result of...

8.5CVSS7AI score0.01566EPSS
Exploits1References6
vulnersOsv
vulnersOsv
added 2021/11/30 12:0 p.m.4 views

embly-wrapper (=0.0.2), wasi-common-lucet (>=0.4.0 <=0.4.2) potentially affected by CVE-2021-43790 via lucet-runtime (>=0.4.3 <=0.6.1)

lucet-runtime CARGO version =0.4.3, =0.4.0, =0.4.2 Source cves: CVE-2021-43790 Source advisory: OSV:RUSTSEC-2021-0155...

8.5CVSS7.2AI score0.01566EPSS
Exploits1
OSV
OSV
added 2021/11/30 12:15 a.m.24 views

CVE-2021-43790

Lucet is a native WebAssembly compiler and runtime. There is a bug in the main branch of lucet-runtime affecting all versions published to crates.io that allows a use-after-free in an Instance object that could result in memory corruption, data race, or other related issues. This bug was introduc...

8.1CVSS8AI score
Exploits0References3
CVE
CVE
added 2021/11/29 11:55 p.m.60 views

CVE-2021-43790

Lucet (lucet-runtime) has a Use-After-Free in the Instance object caused by a race during destruction when the memory backing the Instance is released back to the pool before other fields are dropped. This affects main branch implementations and all releases published to crates.io, and leads to m...

8.5CVSS8AI score0.01566EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2021/11/29 11:55 p.m.32 views

CVE-2021-43790 Use After Free in lucet

Lucet is a native WebAssembly compiler and runtime. There is a bug in the main branch of lucet-runtime affecting all versions published to crates.io that allows a use-after-free in an Instance object that could result in memory corruption, data race, or other related issues. This bug was introduc...

8.5CVSS8.6AI score0.01566EPSS
Exploits1References3
Rows per page
Query Builder