RUSTSEC-2022-0075: Bug in pooling instance allocator


> Bug in pooling instance allocator

| Details             |                                                |
| ------------------- | ---------------------------------------------- |
| Package             | `wasmtime`                      |
| Version             | `0.27.0`                   |
| URL                 | [https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-wh6w-3828-g9qf](https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-wh6w-3828-g9qf) |
| Date                | 2022-11-10                         |
| Patched versions    | `>=1.0.2, <2.0.0,>=2.0.2`                  |

bug in Wasmtime&#39;s implementation of its pooling instance allocator where when a linear memory is reused for another instance the initial heap snapshot of the prior instance can be visible, erroneously to the next instance.

Mitigations are described [here](https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-wh6w-3828-g9qf).

See [advisory page](https://rustsec.org/advisories/RUSTSEC-2022-0075.html) for additional details.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

RUSTSEC-2022-0075: Bug in pooling instance allocator #4292

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Details
Package	`wasmtime`
Version	`0.27.0`
URL	GHSA-wh6w-3828-g9qf
Date	2022-11-10
Patched versions	`>=1.0.2, <2.0.0,>=2.0.2`

RUSTSEC-2022-0075: Bug in pooling instance allocator #4292

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions