CVE-2022-39394 — Out-of-bounds Write in Wasmtime

CWE-787 — Out-of-bounds Write6 documents4 sources

Severity

9.8CRITICALNVD

EPSS

0.1%

top 70.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Bytecodealliance Wasmtime Debian Rust-wasmtime

Timeline

PublishedNov 10

Latest updateFeb 1

Description

Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's C API implementation where the definition of the `wasmtime_trap_code` does not match its declared signature in the `wasmtime/trap.h` header file. This discrepancy causes the function implementation to perform a 4-byte write into a 1-byte buffer provided by the caller. This can lead to three zero bytes being written beyond the 1-byte location provided by the caller. This bug has been patched and…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

▶CVEListV5bytecodealliance/wasmtime< 2.0.2

▶NVDbytecodealliance/wasmtime2.0.0 — 2.0.2+1

▶crates.iobytecodealliance/wasmtime2.0.0 — 2.0.2+2

▶debiandebian/rust-wasmtime

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

wasmtime_trap_code C API function has out of bounds write vulnerability↗2024-02-01

▶

OSV

wasmtime_trap_code C API function has out of bounds write vulnerability↗2024-02-01

▶

OSV

CVE-2022-39394: Wasmtime is a standalone runtime for WebAssembly↗2022-11-10

▶

OSV

Out of bounds write in `wasmtime_trap_code` C API function↗2022-11-07

▶

📋Vendor Advisories

Debian

CVE-2022-39394: rust-wasmtime - Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there ...↗2022

▶