2355629 – CVE-2025-2368 wabt: WebAssembly wabt Malformed File binary-reader-interp.cc OnExport heap-based overflow [fedora-41]

Bug 2355629 - CVE-2025-2368 wabt: WebAssembly wabt Malformed File binary-reader-interp.cc OnExport heap-based overflow [fedora-41]

Summary: CVE-2025-2368 wabt: WebAssembly wabt Malformed File binary-reader-interp.cc O...

Keywords:
Status:	POST
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	wabt
Sub Component:
Version:	41
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Dominik 'Rathann' Mierzejewski
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:	{"flaws": ["51ea0000-136c-407a-9ef6-b...
Depends On:
Blocks:	CVE-2025-2368
TreeView+	depends on / blocked

Reported:	2025-03-28 00:13 UTC by Robb Gatica
Modified:	2025-06-03 11:19 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	WebAssembly wabt issues 2537	None	open	Binary reader options and intended use cases	2025-06-03 11:19:33 UTC
Github	WebAssembly wabt issues 2556	None	closed	A Heap-based Buffer Overflow in wabt::interp::(anonymous namespace)::BinaryReaderInterp::OnExport	2025-06-03 11:19:33 UTC
Github	WebAssembly wabt pull 2541	None	Draft	Make ReadBinaryOptions more strict across readers	2025-06-03 11:19:33 UTC

Description Robb Gatica 2025-03-28 00:13:05 UTC

More information about this security flaw is available in the following bug:

https://bugzilla.redhat.com/show_bug.cgi?id=2352871

Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.

Note You need to log in before you can comment on or make changes to this bug.