OSV-2024-140

Import Source

JSON Data

https://api.osv.dev/v1/vulns/OSV-2024-140

Published

2024-02-28T00:12:59.500279Z

Modified

2024-04-29T11:16:32.126190Z

Summary

Container-overflow in WasmEdge::LLVM::Compiler::compile

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67006

Crash type: Container-overflow READ 8
Crash state:
WasmEdge::LLVM::Compiler::compile
WasmEdge::LLVM::Compiler::compile
WasmEdge::Driver::FuzzTool

References

Affected packages

Type: GIT
Repo: https://github.com/WasmEdge/WasmEdge.git
Events: Introduced

bfb20047df09143f4e452f8a23e827cc3bd4156a

Fixed

62ce0eef5e9f2b4dd390ebbefbb430a95c60af64

0.14.0-alpha.2

{
    "severity": "MEDIUM"
}

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wasmedge/OSV-2024-140.yaml"

"f5cf26c66e4bbb9bca00497fce5c814aac7d56fa:62ce0eef5e9f2b4dd390ebbefbb430a95c60af64"