Bug 2468983 (CVE-2026-8257)

Summary: CVE-2026-8257 binaryen: WebAssembly Binaryen: Denial of Service via manipulation in IRBuilder::makeBrOn
Product: [Other] Security Response
Reporter: OSIDB Bzimport <bzimport>
Component: vulnerability
Assignee: Product Security DevOps Team <prodsec-dev>
Status: NEW ---
QA Contact:
Severity: medium
Docs Contact:
Priority: medium    
Version: unspecified
Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version:
Doc Type: ---
Doc Text:
A flaw was found in WebAssembly Binaryen. A local user can perform a manipulation within the `IRBuilder::makeBrOn` function of the `src/wasm/wasm-ir-builder.cpp` file, leading to a reachable assertion. This vulnerability can cause the program to crash, resulting in a denial of service (DoS).
Bug Depends On: 2469049    
Bug Blocks:    

Description OSIDB Bzimport 2026-05-11 02:01:21 UTC
A vulnerability was detected in WebAssembly Binaryen up to 117. This issue affects the function IRBuilder::makeBrOn of the file src/wasm/wasm-ir-builder.cpp of the component BrOn Parser. Performing a manipulation results in a reachable assertion. The attack needs to be approached locally. The exploit is now public and may be used. The patch is named 1251efbc1ea471c1311d2726b2bbe061ff2a291c. It is suggested to install a patch to address this issue.

Comment 2 Dominik 'Rathann' Mierzejewski 2026-05-18 10:55:55 UTC
This is not fixed in any current release, including the latest 129, only in the main git branch.

https://github.com/WebAssembly/binaryen/issues/8633