1329 matches found
DEBIAN-CVE-2025-64345
Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...
CVE-2025-64345
Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...
UBUNTU-CVE-2025-64345
Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...
Wasmtime provides unsound API access to a WebAssembly shared linear memory
Impact Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear memory. This is not sound for shared linear memories, which could be modified in paralle...
GHSA-HC7M-R6V8-HG9Q Wasmtime provides unsound API access to a WebAssembly shared linear memory
Impact Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear memory. This is not sound for shared linear memories, which could be modified in paralle...
CVE-2025-64345 Wasmtime provides unsound API access to a WebAssembly shared linear memory
Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...
CVE-2025-64345
Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...
CVE-2025-64345
CVE-2025-64345 affects Wasmtime (WebAssembly runtime). The Rust embedder API allows an unsound view of shared WebAssembly linear memory as a safe host-access type, enabling potential data races when memories are shared across threads. Fixed in patch releases for all supported versions (notably 24...
EUVD-2025-131930
Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...
CVE-2025-64345 Wasmtime provides unsound API access to a WebAssembly shared linear memory
Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...
CVE-2025-64345 Wasmtime provides unsound API access to a WebAssembly shared linear memory
Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...
EUVD-2025-124915
In the Linux kernel, the following vulnerability has been resolved: smc: Use skdstget and dstdevrcu in smcclcprfxmatch. smcclcprfxmatch is called from smclistenwork and not under RCU nor RTNL. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and dstdevrcu. Note that the returned value o...
PT-2025-46722
Name of the Vulnerable Software and Affected Versions Wasmtime versions 24.0.0 through 24.0.4 Wasmtime versions 36.0.0 through 36.0.2 Wasmtime versions 37.0.0 through 37.0.2 Wasmtime versions 38.0.0 through 38.0.3 Description Wasmtime’s Rust embedder API has an issue where a WebAssembly shared...
wasmtime 竞争条件问题漏洞
wasmtime is a lightweight WebAssembly runtime open-sourced by the Bytecode Alliance. A compete condition issue vulnerability exists in wasmtime versions prior to 38.0.4, 37.0.3, 36.0.3, and 24.0.5, which stems from a data contention risk in shared linear memory...
Stack-based Buffer Overflow
Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the shared memory allocation. An attacker can cause a stack overflow and disrupt servic...
Unsound API access to a WebAssembly shared linear memory
This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-hc7m-r6v8-hg9q For more information see the GitHub-hosted security advisory...
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: cmd-db: Map shared memory as WC, not WB Linux does not write into cmd-db region. This region of memory is write protected by XPU. XPU may sometime falsely detect clean cache eviction as "write" into the write protected...
kernel: net/smc: fix potential panic dues to unprotected smc_llc_srv_add_link()
A race condition was found in the SMC Shared Memory Communications networking subsystem. The smcllcsrvaddlink function lacks proper locking, allowing concurrent link additions that can corrupt link group state and crash the kernel...
Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix potential CAN frame reception race in isotprcv CVE-2022-48830 kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB CVE-2024-46689 kernel: Squashfs: sanity check...