15 matches found
CVE-2026-34944
A flaw was found in Wasmtime, a runtime for WebAssembly. On x86-64 platforms with SSE3 disabled, Wasmtime's Cranelift compiler backend may load additional data beyond the intended memory boundary when compiling the 'f64x2.splat' WebAssembly instruction. This out-of-bounds read can lead to a Denia...
EUVD-2026-21023
Wasmtime segfault or unused out-of-sandbox load with f64x2.splat operator on x86-64...
GHSA-QQFJ-4VCM-26HV Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on x86-64
On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can result in a uncaught segfault due to loading from unmapped guard pages. With guard pages...
Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on x86-64
On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can result in a uncaught segfault due to loading from unmapped guard pages. With guard pages...
CVE-2026-34944
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...
DEBIAN-CVE-2026-34944
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...
CVE-2026-34944
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...
UBUNTU-CVE-2026-34944
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...
CVE-2026-34944
Wasmtime (WebAssembly runtime) prior to versions 24.0.7, 36.0.7, 42.0.2, and 43.0.1 on x86-64 with SSE3 disabled could compile f64x2.splat via Cranelift in a way that loads 8 extra bytes. When signals-based traps are disabled this may cause an uncaught segfault from unmapped guard pages. With gua...
CVE-2026-34944 Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on x86-64
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...
CVE-2026-34944 Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on x86-64
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...
Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on Cranelift x86-64
This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-qqfj-4vcm-26hv For more information see the GitHub-hosted security advisory...
RUSTSEC-2026-0087 Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on Cranelift x86-64
This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-qqfj-4vcm-26hv For more information see the GitHub-hosted security advisory...
PT-2026-31685
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...
wasmtime 安全漏洞
Wasmtime is a lightweight WebAssembly runtime open source by the Bytecode Alliance. Versions prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1 of Wastime have security vulnerabilities. These vulnerabilities arise from the use of Cranelift for compiling f64x2.splat WebAssembly instructions on x86-64...