Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2019-7152

Опубликовано: 29 янв. 2019
Источник: debian

Описание

A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilder::processFunctions() in wasm/wasm-binary.cpp (when calling wasm::WasmBinaryBuilder::getFunctionIndexName) in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
binaryenfixed66-1package

Примечания

  • https://github.com/WebAssembly/binaryen/issues/1880

  • Same set of fixes as for https://github.com/WebAssembly/binaryen/issues/1879

  • address the issue.

  • https://github.com/WebAssembly/binaryen/commit/2127e64f42da55bb5b9b0ab1995b3ca7fc4e0d0b

  • https://github.com/WebAssembly/binaryen/commit/85e95e315a8023c46eb804fe80ebc244bcfdae3e

Связанные уязвимости

ubuntu логотип

CVE-2019-7152

CVSS3: 6.5
ubuntu
около 7 лет назад

A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilder::processFunctions() in wasm/wasm-binary.cpp (when calling wasm::WasmBinaryBuilder::getFunctionIndexName) in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt.

nvd логотип

CVE-2019-7152

CVSS3: 6.5
nvd
около 7 лет назад

A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilder::processFunctions() in wasm/wasm-binary.cpp (when calling wasm::WasmBinaryBuilder::getFunctionIndexName) in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt.

github логотип

GHSA-jg54-xxxc-8446

CVSS3: 6.5
github
больше 3 лет назад

A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilder::processFunctions() in wasm/wasm-binary.cpp (when calling wasm::WasmBinaryBuilder::getFunctionIndexName) in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt.