6 matches found
abstraps (=0.1.8), aivm (>=0.2.0 <=0.3.0) +286 more potentially affected by CVE-2022-31104 via cranelift-codegen (>=0.14.0 <=0.84.0)
cranelift-codegen CARGO version =0.14.0, =0.2.0, =0.1.0, =0.1.0, =0.5.0, =0.1.0, =0.1.0, =0.2.9, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.26.1, =0.30.1 and more Source cves: CVE-2022-31104 Source advisory: OSV:GHSA-JQWC-C49R-4W2X...
auto-wasi (=0.1.0), ceres-executor (>=0.1.0 <=0.2.0) +79 more potentially affected by CVE-2022-31104 via wasmtime (>=0.10.0 <=0.37.0)
wasmtime CARGO version =0.10.0, =0.1.0, =0.1.1, =0.5.3-0, =0.4.0, =0.4.0, =0.0.0, =0.40.1, =0.45.0, =0.1.0, =0.1.0, =0.1.0, =0.1.7 - lunatic-common-api =0.9.0 and more Source cves: CVE-2022-31104 Source advisory: OSV:GHSA-JQWC-C49R-4W2X...
CVE-2022-31104 Miscompilation of `i8x16.swizzle` and `select` with v128 inputs in Wasmtime
Wasmtime is a standalone runtime for WebAssembly. In affected versions wasmtime's implementation of the SIMD proposal for WebAssembly on x8664 contained two distinct bugs in the instruction lowerings implemented in Cranelift. The aarch64 implementation of the simd proposal is not affected. The bu...
CVE-2022-31104 Miscompilation of `i8x16.swizzle` and `select` with v128 inputs in Wasmtime
Wasmtime is a standalone runtime for WebAssembly. In affected versions wasmtime's implementation of the SIMD proposal for WebAssembly on x8664 contained two distinct bugs in the instruction lowerings implemented in Cranelift. The aarch64 implementation of the simd proposal is not affected. The bu...
CVE-2022-31104
CVE-2022-31104 concerns Wasmtime’s x86_64 SIMD implementation. Two Cranelift lowering bugs affected i8x16.swizzle and select for v128 inputs: swizzle overwrote the mask input register, potentially corrupting a constant; and select incorrectly handled 128‑bit vectors when the condition was 0, movi...
auto-wasi (=0.1.0), ceres-executor (>=0.1.0 <=0.2.0) +79 more potentially affected by CVE-2022-31104 via wasmtime (>=0.10.0 <=0.37.0)
wasmtime CARGO version =0.10.0, =0.1.0, =0.1.1, =0.5.3-0, =0.4.0, =0.4.0, =0.0.0, =0.40.1, =0.45.0, =0.1.0, =0.1.0, =0.1.0, =0.1.7 - lunatic-common-api =0.9.0 and more Source cves: CVE-2022-31104 Source advisory: OSV:RUSTSEC-2022-0095...