Lucene search
K

69 matches found

Vulnrichment
Vulnrichment
added 2025/07/18 5:10 p.m.5 views

CVE-2025-53901 Wasmtime has host panic with `fd_renumber` WASIp1 function

Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.4, 33.0.2, and 34.0.2, a bug in Wasmtime's implementation of the WASIp1 set of import functions can lead to a WebAssembly guest inducing a panic in the host embedder. The specific bug is triggered by calling pathopen after calling...

3.5CVSS6.7AI score0.00299EPSS
Exploits0References5
CVE
CVE
added 2025/07/18 5:10 p.m.106 views

CVE-2025-53901

Wasmtime WASI (wasmtime-wasi) contains a bug in the WASIp1 import implementation. Prior to 24.0.4, 33.0.2, and 34.0.2, calling fd_renumber followed by path_open can cause a WebAssembly guest to panic the host (embedder). The panic results from a corrupt state in fd_renumber when a second open fil...

3.5CVSS6.7AI score0.00299EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/07/18 12:0 p.m.19 views

RUSTSEC-2025-0046 Host panic with `fd_renumber` WASIp1 function

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-fm79-3f68-h2fc. For more information see the GitHub-hosted security advisory...

3.3CVSS7AI score0.00299EPSS
Exploits0References3
RustSec
RustSec
added 2025/07/18 12:0 p.m.7 views

Host panic with `fd_renumber` WASIp1 function

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-fm79-3f68-h2fc. For more information see the GitHub-hosted security advisory...

3.5CVSS7AI score0.00299EPSS
Exploits0Affected Software1
FreeBSD
FreeBSD
added 2025/07/18 12:0 a.m.7 views

libwasmtime -- host panic with fd_renumber WASIp1 function

WasmTime development team reports: A bug in Wasmtime's implementation of the WASIp1 set of import functions can lead to a WebAssembly guest inducing a panic in the host embedder...

3.5CVSS7.2AI score0.00299EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.25 views

RHEL 5 : xsa201_xen (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xsa201 xen: ARM guests may induce host asynchronous abort XSA-201 CVE-2016-9818 - Xen through 4.7.x allow...

6.8AI score0.00471EPSS
Exploits0References4
OSV
OSV
added 2024/04/04 4:15 p.m.1 views

DEBIAN-CVE-2024-30266

wasmtime is a runtime for WebAssembly. The 19.0.0 release of Wasmtime contains a regression introduced during its development which can lead to a guest WebAssembly module causing a panic in the host runtime. A valid WebAssembly module, when executed at runtime, may cause this panic. This...

5.5CVSS5.3AI score0.00318EPSS
Exploits1References1
OSV
OSV
added 2024/04/04 4:15 p.m.5 views

UBUNTU-CVE-2024-30266

wasmtime is a runtime for WebAssembly. The 19.0.0 release of Wasmtime contains a regression introduced during its development which can lead to a guest WebAssembly module causing a panic in the host runtime. A valid WebAssembly module, when executed at runtime, may cause this panic. This...

5.5CVSS5.8AI score0.00318EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2024/04/04 4:15 p.m.3 views

CVE-2024-30266

wasmtime is a runtime for WebAssembly. The 19.0.0 release of Wasmtime contains a regression introduced during its development which can lead to a guest WebAssembly module causing a panic in the host runtime. A valid WebAssembly module, when executed at runtime, may cause this panic. This...

5.5CVSS5.7AI score0.00318EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2024/04/04 3:42 p.m.5 views

CVE-2024-30266

wasmtime is a runtime for WebAssembly. The 19.0.0 release of Wasmtime contains a regression introduced during its development which can lead to a guest WebAssembly module causing a panic in the host runtime. A valid WebAssembly module, when executed at runtime, may cause this panic. This...

5.5CVSS6.2AI score0.00318EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 4:55 a.m.3 views

SUSE CVE-2016-9815

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service host panic by sending an asynchronous abort...

6.5CVSS6.3AI score0.00464EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:23 a.m.3 views

SUSE CVE-2018-16884

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bcsvcprocess use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and ...

7CVSS6.9AI score0.01455EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2020/04/06 12:0 a.m.10 views

PT-2020-2414 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.18 Description: The issue is caused by a conflicting use of HSTATE HOST R1 to store r1 state in kvmppc hv entry plus in kvmppc save,restore tm, leading to a stack corruption. An attacker with the ability to ru...

10CVSS7.2AI score0.08667EPSS
Exploits17References500
RedHat Linux
RedHat Linux
added 2020/03/09 2:35 p.m.4 views

kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence

A flaw was found in the Linux kernel's NFS implementation. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the...

7.5CVSS7AI score0.02779EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/01/22 9:26 p.m.3 views

kernel: nfs: use-after-free in svc_process_common()

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bcsvcprocess use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and ...

8CVSS7AI score0.01455EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/11/05 8:44 p.m.3 views

kernel: nfs: use-after-free in svc_process_common()

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bcsvcprocess use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and ...

8CVSS7AI score0.01455EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/09/12 10:35 a.m.7 views

kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence

A flaw was found in the Linux kernel's NFS implementation. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the...

7.5CVSS7AI score0.02779EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/07/29 3:47 p.m.2 views

kernel: nfs: use-after-free in svc_process_common()

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bcsvcprocess use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and ...

8CVSS7AI score0.01455EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2018/12/18 10:29 p.m.2 views

CVE-2018-16884

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bcsvcprocess use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and ...

8CVSS7.3AI score0.01455EPSS
Exploits0References34
OSV
OSV
added 2018/12/18 12:0 a.m.5 views

UBUNTU-CVE-2018-16884

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bcsvcprocess use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and ...

8CVSS6.8AI score0.01455EPSS
Exploits0References9
Rows per page
Query Builder