Skip to content

Instantly share code, notes, and snippets.

@haruki3hhh
Created November 8, 2024 18:58
Show Gist options
  • Save haruki3hhh/c64ff6431c71be1b08e15d4ff480ce6b to your computer and use it in GitHub Desktop.
Save haruki3hhh/c64ff6431c71be1b08e15d4ff480ce6b to your computer and use it in GitHub Desktop.
Advisory for CVE-2024-35425

Discoverer: Ziyi Guo

Details:

[Suggested description] vmir e8117 was discovered to contain a segmentation violation via the function_prepare_parse function at /src/vmir_function.c.


[VulnerabilityType Other] invalid memory access


[Vendor of Product] https://github.com/andoma/vmir


[Affected Product Code Base] https://github.com/andoma/vmir - e81176b


[Affected Component] vmir


[Attack Type] Remote


[Impact Code execution] true


[Impact Denial of Service] true


[Attack Vectors] a crafted wasm file


[Reference] andoma/vmir#19


[Discoverer] Ziyi Guo

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment