CVE-2024-51745Improper Handling of Windows Device Names in Wasmtime

CWE-67Improper Handling of Windows Device NamesCWE-184Incomplete List of Disallowed Inputs7 documents5 sources
Severity
2.3LOWNVD
EPSS
0.3%
top 46.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Bytecodealliance WasmtimeDebian Rust-wasmtime
Timeline
PublishedNov 5

Description

Wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so on, however it did not block access to the special device filenames which use superscript digits, such as "COM¹", "COM²", "LPT⁰", "LPT¹", and so on. Untrusted Wasm programs that are given access to any filesystem directory could bypass the sandbox and access devices through those special device file

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Packages4 packages

debiandebian/rust-wasmtime< rust-wasmtime 26.0.1+dfsg-1 (forky)
crates.iobytecodealliance/wasmtime25.0.025.0.3+3
CVEListV5bytecodealliance/wasmtime= 26.0.0, >= 25.0.0, < 25.0.3+1

Patches

Patch: github.com

🔴Vulnerability Details

4
OSV
CVE-2024-51745: Wasmtime is a fast and secure runtime for WebAssembly2024-11-05
GHSA
Wasmtime doesn't fully sandbox all the Windows device filenames2024-11-05
OSV
Wasmtime doesn't fully sandbox all the Windows device filenames2024-11-05
OSV
Wasmtime doesn't fully sandbox all the Windows device filenames2024-11-02

📋Vendor Advisories

2
Red Hat
wasmtime: Wasmtime doesn't fully sandbox all the Windows device filenames2024-11-05
Debian
CVE-2024-51745: rust-wasmtime - Wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's filesystem san...2024