Integer Underflow (Wrap or Wraparound)

Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound due to improper handling of pushpopframerefoffset during the execution of a valid WebAssembly module. An attacker can trigger a double free, leading to a denial of service. Remediation Upgrade...

PT-2023-31956 · Bytecode Alliance · Wasm-Micro-Runtime

Name of the Vulnerable Software and Affected Versions: Bytecode Alliance wasm-micro-runtime versions prior to 1.3.0 Description: The issue arises from the mishandling of push pop frame ref offset, leading to a "double free or corruption" error for a valid WebAssembly module. Recommendations: For...