Bug 2477467 (CVE-2026-44216) - CVE-2026-44216 wasmtime: Wasmtime: Denial of Service via large WebAssembly table allocation
Keywords:
Status: NEW
Alias: CVE-2026-44216
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2026-05-14 16:02 UTC by OSIDB Bzimport
Modified: 2026-05-15 11:55 UTC

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:



Description OSIDB Bzimport 2026-05-14 16:02:01 UTC
Wasmtime is a runtime for WebAssembly. From 30.0.0 to 36.0.8, 43.0.2, and 44.0.1, Wasmtime's allocation logic for a WebAssembly table contained checked arithmetic which panicked on overflow. This overflow is possible to trigger, and thus panic, when a table with an extremely large size is allocated. This is possible with the WebAssembly memory64 proposal where tables can have sizes in the 64-bit range as opposed to the previous 32-bit range which would not overflow. The panic happens when attempting to create a very large table, such as when instantiating a WebAssembly module or component. This vulnerability is fixed in 36.0.8, 43.0.2, and 44.0.1.
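The bug class described above, as an added example that is not Wasmtime's code and not part of the original report: a size computation whose checked arithmetic panics on overflow, beside a variant that reports the overflow as an error. The function names, the error type, the 8-byte element size and the byte cap are all assumptions made for illustration.

```rust
use std::panic;

/// Assumed per-element size in bytes (constructed for this example).
const ELEM_SIZE: u64 = 8;

/// Hypothetical error type for a failed table size computation.
#[derive(Debug, PartialEq)]
pub enum TableAllocError {
    /// `elements * ELEM_SIZE` does not fit in 64 bits.
    SizeOverflow,
    /// The request exceeds the embedder's configured byte cap.
    LimitExceeded,
}

/// Panicking pattern: the multiplication is checked, but an overflow takes
/// down the caller instead of being reported. With a guest-supplied
/// `elements` value this is a host-side denial of service.
pub fn table_bytes_panicking(elements: u64) -> u64 {
    elements.checked_mul(ELEM_SIZE).expect("table size overflow")
}

/// Fallible pattern: overflow and over-limit requests become errors that the
/// host can return as an ordinary instantiation failure.
pub fn table_bytes_checked(elements: u64, max_bytes: u64) -> Result<u64, TableAllocError> {
    let bytes = elements
        .checked_mul(ELEM_SIZE)
        .ok_or(TableAllocError::SizeOverflow)?;
    if bytes > max_bytes {
        return Err(TableAllocError::LimitExceeded);
    }
    Ok(bytes)
}

/// Returns true if the panicking variant panics for `elements`.
pub fn panics_on(elements: u64) -> bool {
    panic::catch_unwind(|| table_bytes_panicking(elements)).is_err()
}

fn main() {
    let huge = u64::MAX / 2; // a table size in the 64-bit range
    println!("panicking variant panics: {}", panics_on(huge));
    println!("checked variant: {:?}", table_bytes_checked(huge, 1 << 30));
    println!("small table: {:?}", table_bytes_checked(1024, 1 << 30));
}
```

Any element count in the 32-bit range multiplies without overflow here, which matches the report's statement that only 64-bit table sizes reach the panic.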

