Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Wasmtime leaks host data with 64-bit tables and Winch
Vulnerability Description
Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the host's stack to WebAssembly guests. The host's stack can possibly contain sensitive data related to other host-originating operations which is not intended to be disclosed to guests. This bug specifically arose from a mistake where the return value of table.size was statically typed as a 32-bit integer, as opposed to consulting the table's index type to see how large the returned register could be. When combined with details about Wnich's ABI, such as multi-value returns, this can be combined to read stack data from the host, within a guest. This vulnerability is fixed in 36.0.7, 42.0.2, and 43.0.1.
CVSS Information
N/A
Vulnerability Type
数值类型间的不正确转换
Vulnerability Title
wasmtime 安全漏洞
Vulnerability Description
wasmtime是Bytecode Alliance开源的一个轻量级WebAssembly运行时。 Wasmtime 25.0.0至36.0.7之前版本、42.0.2之前版本和43.0.1之前版本存在安全漏洞,该漏洞源于Winch编译器错误地翻译了作为WebAssembly memory64提案一部分的64位表的table.size指令,可能导致将主机堆栈上的数据泄露给WebAssembly访客,这些数据可能包含与其他主机操作相关的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A