Out-of-Bounds Write Vulnerability in Wasm3 by Google
CVE-2021-45929

5.5MEDIUM

Key Information:

Vendor

Wasm3 Project

Status
Wasm3
Vendor
CVE Published:
1 January 2022

What is CVE-2021-45929?

Wasm3 version 0.5.0 contains a vulnerability that allows for an out-of-bounds write within the CompileBlock function, which is invoked by CompileElseBlock and Compile_If. This flaw could potentially lead to unexpected behavior or crashes in the affected application.

References

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/...
x_refsource_MISC
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36551
x_refsource_MISC

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.