CVE-2023-52284 | Bytecode Alliance wasm-micro-runtime up to 1.2.x Module push_pop_frame_ref_offset double free (Issue 2586)

Posted by Angelo Barbosa | Dec 31, 2023 | CVE

A vulnerability, which was classified as problematic, was found in Bytecode Alliance wasm-micro-runtime up to 1.2.x. This affects the function push_pop_frame_ref_offset of the component Module Handler. The manipulation leads to double free.

This vulnerability is uniquely identified as CVE-2023-52284. The attack can only be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-52284 | Bytecode Alliance wasm-micro-runtime up to 1.2.x Module push_pop_frame_ref_offset double free (Issue 2586)

Related Posts

CVE-2023-46495 | EverShop NPM up to 1.0.0-rc.7 Request sortBy cross site scripting

CVE-2024-1442 | Grafana up to 9.5.6/10.0.11/10.1.7/10.2.4/10.3.3 API privileges management

CVE-2024-0541 | Tenda W9 1.0.0.7(4456) httpd formAddSysLogRule sysRulenEn stack-based overflow

CVE-2024-4188 | OpenText Documentum Server up to 23.4 unprotected transport of credentials (KB0815868)