CVE-2022-39393
10.11.2022, 20:15
Wasmtime is a standalone runtime for WebAssembly. Prior to versions 2.0.2 and 1.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator where when a linear memory is reused for another instance the initial heap snapshot of the prior instance can be visible, erroneously to the next instance. This bug has been patched and users should upgrade to Wasmtime 2.0.2 and 1.0.2. Other mitigations include disabling the pooling allocator and disabling the `memory-init-cow`.Enginsight
| Vendor | Product | Version |
|---|---|---|
| bytecodealliance | wasmtime | 𝑥 < 1.0.2 |
| bytecodealliance | wasmtime | 2.0.0 ≤ 𝑥 < 2.0.2 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| firefox |
| ||||||||||||||||||
| mozjs38 |
| ||||||||||||||||||
| mozjs52 |
| ||||||||||||||||||
| mozjs68 |
| ||||||||||||||||||
| mozjs78 |
| ||||||||||||||||||
| mozjs91 |
| ||||||||||||||||||
| thunderbird |
|
Common Weakness Enumeration
- CWE-226 - Sensitive Information in Resource Not Removed Before ReuseThe product releases a resource such as memory or a file so that it can be made available for reuse, but it does not clear or "zeroize" the information contained in the resource before the product performs a critical state transition or makes the resource available for reuse by other entities.
- CWE-212 - Improper Removal of Sensitive Information Before Storage or TransferThe product stores, transfers, or shares a resource that contains sensitive information, but it does not properly remove that information before the product makes the resource available to unauthorized actors.
References