CVE-2022-24791 — Use After Free in Wasmtime

CWE-416 — Use After Free8 documents5 sources

Severity

9.8CRITICALNVD

EPSS

0.5%

top 35.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Bytecodealliance Wasmtime Mozilla Firefox Debian Rust-wasmtime +2 more

Timeline

PublishedMar 31

Latest updateApr 1

Description

Wasmtime is a standalone JIT-style runtime for WebAssembly, using Cranelift. There is a use after free vulnerability in Wasmtime when both running Wasm that uses externrefs and enabling epoch interruption in Wasmtime. If you are not explicitly enabling epoch interruption (it is disabled by default) then you are not affected. If you are explicitly disabling the Wasm reference types proposal (it is enabled by default) then you are also not affected. The use after free is caused by Cranelift failin…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages7 packages

▶CVEListV5bytecodealliance/wasmtime< 0.34.2+1

▶NVDbytecodealliance/wasmtime0.34.0 — 0.34.2+1

▶crates.iobytecodealliance/wasmtime0.35.0 — 0.35.2+3

▶debiandebian/rust-wasmtime

▶Ubuntumozilla/firefox< 1:1snap1-0ubuntu1

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

Use after free in Wasmtime↗2022-04-01

▶

OSV

Use after free in Wasmtime↗2022-04-01

▶

OSV

CVE-2022-24791: Wasmtime is a standalone JIT-style runtime for WebAssembly, using Cranelift↗2022-03-31

▶

OSV

Use after free with `externref`s and epoch interruption in Wasmtime↗2022-03-31

▶

OSV

Use after free with `externref`s and epoch interruption in Wasmtime↗2022-03-28

▶

📋Vendor Advisories

Microsoft

Use after free in Wasmtime↗2022-03-08

▶

Debian

CVE-2022-24791: rust-wasmtime - Wasmtime is a standalone JIT-style runtime for WebAssembly, using Cranelift. The...↗2022

▶