HistoryEdit

RUSTSEC-2020-0004

sigstack allocation bug can cause memory corruption or leak

Issued
Package
lucet-runtime-internals (crates.io)
Type
Vulnerability
Categories
Aliases
Details
https://github.com/bytecodealliance/lucet/pull/401
CVSS Score
9.1 CRITICAL
CVSS Details
Attack vector
Network
Attack complexity
Low
Privileges required
None
User interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
High
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Patched
  • <0.5.0, >=0.4.3
  • >=0.5.1

Description

An embedding using affected versions of lucet-runtime configured to use non-default Wasm globals sizes of more than 4KiB, or compiled in debug mode without optimizations, could leak data from the signal handler stack to guest programs. This can potentially cause data from the embedding host to leak to guest programs or cause corruption of guest program memory.

This flaw was resolved by correcting the sigstack allocation logic.