Vulnerabilities > CVE-2022-39394 - Out-of-bounds Write vulnerability in Bytecodealliance Wasmtime

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

bytecodealliance

CWE-787

critical

NVD

Published: 2022-11-10

Updated: 2022-11-16

Summary

Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's C API implementation where the definition of the `wasmtime_trap_code` does not match its declared signature in the `wasmtime/trap.h` header file. This discrepancy causes the function implementation to perform a 4-byte write into a 1-byte buffer provided by the caller. This can lead to three zero bytes being written beyond the 1-byte location provided by the caller. This bug has been patched and users should upgrade to Wasmtime 2.0.2. This bug can be worked around by providing a 4-byte buffer casted to a 1-byte buffer when calling `wasmtime_trap_code`. Users of the `wasmtime` crate are not affected by this issue, only users of the C API function `wasmtime_trap_code` are affected.

Vulnerable Configurations

Part	Description	Count
Application	Bytecodealliance Bytecodealliance Wasmtime 2.0.0 Bytecodealliance Wasmtime 2.0.1 Bytecodealliance Wasmtime 0.2.0 Bytecodealliance Wasmtime 0.3.0 Bytecodealliance Wasmtime 0.4.0 Bytecodealliance Wasmtime 0.6.0 Bytecodealliance Wasmtime 0.8.0 Bytecodealliance Wasmtime 0.9.0 Bytecodealliance Wasmtime 0.10.0 Bytecodealliance Wasmtime 0.11.0 Bytecodealliance Wasmtime 0.12.0 Bytecodealliance Wasmtime 0.15.0 Bytecodealliance Wasmtime 0.16.0 Bytecodealliance Wasmtime 0.17.0 Bytecodealliance Wasmtime 0.18.0 Bytecodealliance Wasmtime 0.19.0 Bytecodealliance Wasmtime 0.20.0 Bytecodealliance Wasmtime 0.21.0 Bytecodealliance Wasmtime 0.22.0 Bytecodealliance Wasmtime 0.22.1 Bytecodealliance Wasmtime 0.23.0 Bytecodealliance Wasmtime 0.24.0 Bytecodealliance Wasmtime 0.25.0 Bytecodealliance Wasmtime 0.26.0 Bytecodealliance Wasmtime 0.26.1 Bytecodealliance Wasmtime 0.27.0 Bytecodealliance Wasmtime 0.28.0 Bytecodealliance Wasmtime 0.29.0 Bytecodealliance Wasmtime 0.30.0 Bytecodealliance Wasmtime 0.31.0 Bytecodealliance Wasmtime 0.32.0 Bytecodealliance Wasmtime 0.32.1 Bytecodealliance Wasmtime 0.33.0 Bytecodealliance Wasmtime 0.33.1 Bytecodealliance Wasmtime 0.34.0 Bytecodealliance Wasmtime 0.34.1 Bytecodealliance Wasmtime 0.34.2 Bytecodealliance Wasmtime 0.35.0 Bytecodealliance Wasmtime 0.35.1 Bytecodealliance Wasmtime 0.35.2 Bytecodealliance Wasmtime 0.36.0 Bytecodealliance Wasmtime 0.37.0 Bytecodealliance Wasmtime 0.38.0 Bytecodealliance Wasmtime 0.38.1 Bytecodealliance Wasmtime 0.38.2 Bytecodealliance Wasmtime 0.38.3 Bytecodealliance Wasmtime 0.39.0 Bytecodealliance Wasmtime 0.39.1 Bytecodealliance Wasmtime 0.40.0 Bytecodealliance Wasmtime 0.40.1 Bytecodealliance Wasmtime 1.0.0 Bytecodealliance Wasmtime 1.0.1	52

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References