- CVSS Score
- CVSS Details
- Attack vector
- Attack complexity
- Privileges required
- User interaction
- CVSS Vector
An embedding using affected versions of lucet-runtime configured to use
non-default Wasm globals sizes of more than 4KiB, or compiled in debug mode
without optimizations, could leak data from the signal handler stack to guest
programs. This can potentially cause data from the embedding host to leak to
guest programs or cause corruption of guest program memory.
This flaw was resolved by correcting the sigstack allocation logic.