A heap-based buffer over-read was discovered in wasm::SExpressionParser::skipWhitespace() in wasm-s-parser.cpp in Binaryen 1.38.22. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm2js.
References
Link Resource
https://github.com/WebAssembly/binaryen/issues/1863 Exploit Patch Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2019-02-10T22:00:00

Updated: 2019-02-10T22:57:01

Reserved: 2019-02-10T00:00:00


Link: CVE-2019-7701

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2019-02-10T22:29:00.497

Modified: 2020-06-08T17:03:01.773


Link: CVE-2019-7701

JSON object: View

cve-icon Redhat Information

No data.

CWE