Out-of-Bounds Write Vulnerability in Wasm3 by Google
CVE-2021-45946

5.5MEDIUM

Key Information:

Vendor

Wasm3 Project

Status
Wasm3
Vendor
CVE Published:
1 January 2022

What is CVE-2021-45946?

Wasm3 version 0.5.0 contains an out-of-bounds write flaw within the CompileBlock function, which is invoked from Compile_LoopOrBlock and CompileBlockStatements. This vulnerability allows for potential manipulation of memory, potentially leading to unexpected behavior or application crashes. Developers utilizing this version should evaluate and mitigate any associated risks to ensure the integrity and security of their applications.

References

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/...
x_refsource_MISC
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33555
x_refsource_MISC

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.