VDB

CVE-2023-27477

CVE-2023-27477 PUBLISHED CVSS 3.0999999046325684 LOW

wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's code generation backend, Cranelift, has a bug on x86_64 platforms for the WebAssembly `i8x16.select` instruction which will produce the wrong results when the same operand is provided to the instruction and some of the selected indices are greater than 16. There is an off-by-one error in the calculation of the mask to the `pshufb` instruction which causes incorrect results to be returned if lanes are selected from the second vector. This codegen bug has been fixed in Wasmtiem 6.0.1, 5.0.1, and 4.0.1. Users are recommended to upgrade to these updated versions. If upgrading is not an option for you at this time, you can avoid this miscompilation by disabling the Wasm simd proposal. Additionally the bug is only present on x86_64 hosts. Other platforms such as AArch64 and s390x are not affected.

EPSS 0.47% · 65.2th percentile

Risk Scores

CVSS 3.1
3.0999999046325684
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS Score
0.47%
65.2th percentile

Affected Products

VendorProductVersions
crates.iowasmtime5.0.0, 6.0.0, 1.0.0
bytecodealliancecranelift-codegen0.93.0, 0.84.0, 0.92.0
crates.iocranelift-codegen0.88.0, 0.92.0, 0.93.0
bytecodealliancewasmtime5.0.0, 6.0.0, *

Exploit Intelligence

Timeline

  • Mar 3, 2023 CVE Published
  • Mar 9, 2023 EPSS Score
  • Apr 17, 2023 EPSS Score
  • May 26, 2023 EPSS Score
  • Jul 4, 2023 EPSS Score
  • Aug 12, 2023 EPSS Score
  • Sep 19, 2023 EPSS Score
  • Oct 28, 2023 EPSS Score
  • Dec 6, 2023 EPSS Score
  • Jan 14, 2024 EPSS Score
  • Feb 22, 2024 EPSS Score
  • Apr 1, 2024 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›