CVE-2023-52284 | Bytecode Alliance wasm-micro-runtime up to 1.2.x Module push_pop_frame_ref_offset double free (Issue 2586)

Posted by Angelo Barbosa | Dec 31, 2023 | CVE

A vulnerability, which was classified as problematic, was found in Bytecode Alliance wasm-micro-runtime up to 1.2.x. This affects the function push_pop_frame_ref_offset of the component Module Handler. The manipulation leads to double free.

This vulnerability is uniquely identified as CVE-2023-52284. The attack can only be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-52284 | Bytecode Alliance wasm-micro-runtime up to 1.2.x Module push_pop_frame_ref_offset double free (Issue 2586)

Related Posts

CVE-2024-30584 | Tenda FH1202 1.2.0.14(408) /goform/WifiBasicSet formWifiBasicSet security stack-based overflow

CVE-2024-0886 | Poikosoft EZ CD Audio Converter 8.0.7 Activation Key denial of service

CVE-2024-9487 | GitHub Enterprise Server up to 3.11.15/3.12.9/3.13.4/3.14.1 SAML SSO signature verification

CVE-2024-21597 | Juniper Junos OS on MX Packet Forwarding Engine exposure of resource (JSA75738)