Skip to content

Instantly share code, notes, and snippets.

@haruki3hhh

haruki3hhh/report.md

Created November 8, 2024 18:53
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save haruki3hhh/318c4e35531f9e3b01df51016ac5c12b to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save haruki3hhh/318c4e35531f9e3b01df51016ac5c12b to your computer and use it in GitHub Desktop.
Download ZIP
Advisory for CVE-2024-35421
Raw
report.md

Discoverers: Ziyi Guo

Details:

[Suggested description] vmir e8117 was discovered to contain a segmentation violation via the wasm_parse_block function at /src/vmir_wasm_parser.c.

[VulnerabilityType Other] Null Pointer Deref

[Vendor of Product] https://github.com/andoma/vmir

[Affected Product Code Base] https://github.com/andoma/vmir - e81176b

[Affected Component] vmir

[Attack Type] Remote

[Impact Code execution] true

[Impact Denial of Service] true

[Attack Vectors] a crafted wasm file

[Reference] andoma/vmir#22

[Discoverer] Ziyi Guo

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment