CVE-2021-32629 — Access of Memory Location After End of Buffer in Cranelift-codegen
Severity
8.8 HIGH (NVD)
EPSS
0.1%
top 78.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: May 24
Latest update: Aug 25
Description
Cranelift is an open-source code generator maintained by Bytecode Alliance. It translates a target-independent intermediate representation into executable machine code. There is a bug in 0.73 of the Cranelift x64 backend that can create a scenario that could result in a potential sandbox escape in a Wasm program. This bug was introduced in the new backend on 2020-09-08 and first included in a release on 2020-09-30, but the new backend was not the default prior to 0.73. The recently-released vers…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Exploitability: 2.0 | Impact: 6.0
Affected Packages: 4 packages
Patches
Vulnerability Details
4 OSV
CVE-2021-32629: Cranelift is an open-source code generator maintained by Bytecode Alliance (2021-05-24)