CVE-2022-39394

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-39394
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-39394.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-39394
Aliases
Published
2022-11-10T20:15:11Z
Modified
2024-05-30T03:49:12.426605Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's C API implementation where the definition of the wasmtime_trap_code does not match its declared signature in the wasmtime/trap.h header file. This discrepancy causes the function implementation to perform a 4-byte write into a 1-byte buffer provided by the caller. This can lead to three zero bytes being written beyond the 1-byte location provided by the caller. This bug has been patched and users should upgrade to Wasmtime 2.0.2. This bug can be worked around by providing a 4-byte buffer casted to a 1-byte buffer when calling wasmtime_trap_code. Users of the wasmtime crate are not affected by this issue, only users of the C API function wasmtime_trap_code are affected.

References

Affected packages

Git / github.com/bytecodealliance/wasmtime

Affected ranges

Type
GIT
Repo
https://github.com/bytecodealliance/wasmtime
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

cranelift-v0.*

cranelift-v0.60.0
cranelift-v0.61.0
cranelift-v0.69.0

filecheck-v0.*

filecheck-v0.0.1

v0.*

v0.12.0
v0.16.0
v0.17.0
v0.18.0
v0.19.0
v0.20.0
v0.21.0
v0.22.0
v0.23.0
v0.24.0
v0.25.0
v0.26.0
v0.27.0
v0.28.0
v0.29.0
v0.30.0
v0.31.0
v0.32.0
v0.33.0
v0.34.0
v0.35.0

v2.*

v2.0.0
v2.0.1