CVE-2025-64713

Source
https://cve.org/CVERecord?id=CVE-2025-64713
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-64713.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-64713
Aliases
  • GHSA-gvx3-gg3x-rjcx
Published
2025-11-25T22:13:47.662Z
Modified
2026-04-02T13:00:02.674452Z
Severity
  • 5.1 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
WebAssembly Micro Runtime frame_offset_bottom array bounds overflow in fast Interpreter mode when handling GET_GLOBAL(I32) followed by if opcode
Details

WebAssembly Micro Runtime (WAMR) is a lightweight standalone WebAssembly (Wasm) runtime. Prior to version 2.4.4, an out-of-bounds array access issue exists in WAMR's fast interpreter mode during WASM bytecode loading. When frame_ref_bottom and frame_offset_bottom arrays are at capacity and a GET_GLOBAL(I32) opcode is encountered, frame_ref_bottom is expanded but frame_offset_bottom may not be. If this is immediately followed by an if opcode that triggers preserve_local_for_block, the function traverses arrays using stack_cell_num as the upper bound, causing out-of-bounds access to frame_offset_bottom since it wasn't expanded to match the increased stack_cell_num. This issue has been patched in version 2.4.4.

Database specific
{
    "cwe_ids": [
        "CWE-119"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/64xxx/CVE-2025-64713.json",
    "cna_assigner": "GitHub_M"
}
References

Affected packages

Git / github.com/bytecodealliance/wasm-micro-runtime

Affected ranges

Type
GIT
Repo
https://github.com/bytecodealliance/wasm-micro-runtime
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

Other
01-12-2020
WAMR-01-18-2022
WAMR-01-29-2021
WAMR-02-18-2020
WAMR-02-27-2020
WAMR-03-05-2020
WAMR-03-19-2020
WAMR-03-25-2021
WAMR-03-30-2020
WAMR-04-15-2020
WAMR-04-15-2021
WAMR-05-18-2022
WAMR-06-15-2020
WAMR-07-10-2020
WAMR-08-10-2021
WAMR-09-08-2020
WAMR-09-29-2020
WAMR-12-30-2021
fast-jit-06-29-2022
tag-11-28-2019
WAMR-1.*
WAMR-1.0.0
WAMR-1.1.0
WAMR-1.1.1
WAMR-1.1.2
WAMR-1.2.0
WAMR-1.2.1
WAMR-1.2.2
WAMR-1.2.3
WAMR-1.3.0
WAMR-1.3.1
WAMR-1.3.2
WAMR-1.3.3
WAMR-2.*
WAMR-2.0.0
WAMR-2.1.0
WAMR-2.1.1
WAMR-2.1.2
WAMR-2.2.0
WAMR-2.3.0
WAMR-2.3.1
WAMR-2.4.0
WAMR-2.4.1
WAMR-2.4.2
WAMR-2.4.3

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-64713.json"