SB2026041013 - Multiple vulnerabilities in Wasmtime
Published: April 10, 2026
Description
This security bulletin contains information about 12 security vulnerabilities.
1) Out-of-bounds write (CVE-ID: CVE-2026-35195)
The vulnerability allows a remote user to cause a denial of service or corrupt memory.
The vulnerability exists due to out-of-bounds write in the component model string transcoding implementation when processing a guest component's realloc return value during string transcoding. A remote user can provide a crafted realloc result to cause a denial of service or corrupt memory.
By default, exploitation typically causes the process to abort due to an unhandled fault, but configurations with reduced reserved memory or removed guard pages may allow corruption outside a guest's linear memory.
2) Use-after-free (CVE-ID: CVE-2026-34983)
The vulnerability allows an attacker with physical access to cause a denial of service.
The vulnerability exists due to use-after-free in wasmtime::Linker when cloning a linker, dropping the original instance, and then using the cloned instance. An attacker with physical access can trigger the vulnerable sequence of host embedder API calls to cause a denial of service.
Guest Wasm programs cannot control this issue, and the wasmtime CLI is not affected.
3) Improper access control (CVE-ID: CVE-2026-34988)
The vulnerability allows a remote user to disclose sensitive information.
The vulnerability exists due to improper access control in the pooling allocator linear memory permission reset logic when reusing linear memory across instances under specific pooling allocator configurations. A remote user can trigger reuse of linear memory to disclose sensitive information.
Exploitation requires the pooling allocator to be in use, Config::memory_guard_size to be 0, Config::memory_reservation to be less than 4GiB, and max_memory_size to match memory_reservation.
4) Type Confusion (CVE-ID: CVE-2026-34945)
The vulnerability allows a remote user to disclose sensitive information.
The vulnerability exists due to incorrect type handling in the Winch compiler's translation of the table.size instruction when processing WebAssembly code that uses 64-bit tables. A remote user can execute crafted WebAssembly code to disclose sensitive information.
Exploitation requires use of the memory64 proposal and can expose data from the host stack to a WebAssembly guest.
5) Incorrect calculation (CVE-ID: CVE-2026-34946)
The vulnerability allows a remote user to cause a denial of service.
The vulnerability exists due to incorrect table indexing in the Winch compiler when compiling the table.fill instruction. A remote user can compile a valid guest that uses table.fill to cause a denial of service.
User interaction is required to process the crafted guest.
6) Out-of-bounds read (CVE-ID: CVE-2026-34944)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to an out-of-bounds read in Cranelift's compilation of the f64x2.splat WebAssembly instruction on x86-64 when processing a memory-loaded value without SSE3. A local user can execute crafted WebAssembly that triggers the widened load to cause a denial of service.
Exploitation requires guard pages to be enabled and signals-based-traps to be disabled. User interaction is required.
7) Type Confusion (CVE-ID: CVE-2026-35186)
The vulnerability allows a remote user to cause a denial of service and disclose sensitive information.
The vulnerability exists due to improper type handling in the Winch compiler backend when translating the table.grow operator. A remote user can cause a WebAssembly module to use the result of table.grow in memory operations to cause a denial of service and disclose sensitive information.
By default, the issue results in a process abort because the affected access reaches unmapped memory before linear memory. Information disclosure of up to 16 bytes is possible only when guard pages before linear memory are disabled.
8) Improper input validation (CVE-ID: CVE-2026-34942)
The vulnerability allows a remote user to cause a denial of service.
The vulnerability exists due to improper alignment verification in string transcoding for component model utf16 and latin1+utf16 encodings when processing guest-supplied strings across components. A remote user can transfer a specially crafted string with a specific address to trigger a host panic and cause a denial of service.
User interaction is required, and exploitation depends on very specific strings and addresses being transferred across components.
9) Uncaught Exception (CVE-ID: CVE-2026-34943)
The vulnerability allows a remote user to cause a denial of service.
The vulnerability exists due to improper handling of invalid flag bits in wasmtime::component::Val when lifting a flags-typed component model value. A remote privileged user can provide a flags value with bits set outside the defined set to cause a denial of service.
This only affects flags-typed values that are part of a WIT interface, and does not affect lifting performed with the flags! macro. User interaction is required.
10) Out-of-bounds write (CVE-ID: CVE-2026-34971)
The vulnerability allows a remote user to read and write arbitrary host memory.
The vulnerability exists due to incorrect instruction lowering in Cranelift on aarch64 when compiling certain guest heap accesses. A remote user can execute a crafted WebAssembly module to read and write arbitrary host memory.
Only 64-bit WebAssembly linear memories are affected, and exploitation requires spectre mitigations or signals-based-traps to be disabled.
11) Out-of-bounds write (CVE-ID: CVE-2026-34987)
The vulnerability allows a remote user to access host memory outside the sandbox, disclose sensitive information, cause a denial of service, or potentially execute arbitrary code.
The vulnerability exists due to out-of-bounds write in the Winch compiler backend when compiling and executing properly constructed guest Wasm. A remote user can supply specially crafted guest Wasm to access host memory outside the linear-memory sandbox, disclose sensitive information, cause a denial of service, or potentially execute arbitrary code.
Only deployments using the non-default Winch compiler backend are vulnerable. The aarch64 case has an observed working proof of concept, while the x86-64 case is described as theoretical and may not be reachable in practice.
12) Out-of-bounds read (CVE-ID: CVE-2026-34941)
The vulnerability allows a remote user to cause a denial of service.
The vulnerability exists due to an out-of-bounds read in the component model UTF-16 to latin1+utf16 string transcoding logic when processing cross-component string passing with UTF-16 source and latin1+utf16 destination encodings. A remote user can supply a crafted WebAssembly component string to cause a denial of service.
In the default configuration, exploitation causes the host process to crash with SIGBUS or SIGSEGV.
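The twelve items above are gated on a small set of embedder settings (compiler backend, architecture, pooling allocator, Config::memory_guard_size, Config::memory_reservation, max_memory_size, signals-based traps, spectre mitigations, memory64, component model use). The following triage helper is an added example, not code from the bulletin or from the Wasmtime project: it maps a snapshot of those settings onto the items whose stated preconditions the deployment meets. The Deployment struct, the helper names and the baseline values are constructed stand-ins and are not the wasmtime crate's API; "guard pages enabled" is modelled as a non-zero memory_guard_size; item 2 (CVE-2026-34983) is a host-API usage pattern rather than a configuration and is deliberately not reported.

```rust
// Added triage example; the types below are constructed stand-ins, not the
// wasmtime crate's Config API.

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Compiler {
    Cranelift, // default backend
    Winch,     // non-default baseline compiler
}

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Arch {
    X86_64,
    Aarch64,
    Other,
}

#[derive(Debug, Clone)]
pub struct Deployment {
    pub compiler: Compiler,
    pub arch: Arch,
    pub pooling_allocator: bool,
    /// Mirrors Config::memory_guard_size in bytes; assumed "guard pages
    /// enabled" when non-zero.
    pub memory_guard_size: u64,
    /// Mirrors Config::memory_reservation in bytes.
    pub memory_reservation: u64,
    /// Mirrors the pooling allocator's max_memory_size in bytes (ignored
    /// when the pooling allocator is not in use).
    pub max_memory_size: u64,
    /// Whether a guard region exists before linear memory (item 7).
    pub guard_before_linear_memory: bool,
    pub signals_based_traps: bool,
    pub spectre_mitigations: bool,
    pub memory64_enabled: bool,
    /// Whether strings or flags cross component boundaries (items 1, 8, 9, 12).
    pub uses_component_model: bool,
}

pub const GIB: u64 = 1 << 30;

/// Returns the CVE ids from this bulletin whose stated preconditions the
/// deployment meets. CVE-2026-34983 (Linker clone/drop misuse) depends on
/// host code, not configuration, and is never reported here.
pub fn exposed_cves(d: &Deployment) -> Vec<&'static str> {
    let mut out: Vec<&'static str> = Vec::new();
    let winch = d.compiler == Compiler::Winch;
    let cranelift = d.compiler == Compiler::Cranelift;

    // Items 1, 8, 9, 12: component model string transcoding and flags lifting.
    if d.uses_component_model {
        out.extend_from_slice(&["CVE-2026-35195", "CVE-2026-34942", "CVE-2026-34943", "CVE-2026-34941"]);
    }
    // Item 3: pooling allocator memory reuse under the exact quoted configuration.
    if d.pooling_allocator
        && d.memory_guard_size == 0
        && d.memory_reservation < 4 * GIB
        && d.max_memory_size == d.memory_reservation
    {
        out.push("CVE-2026-34988");
    }
    // Item 4: Winch table.size with 64-bit tables (memory64 proposal).
    if winch && d.memory64_enabled {
        out.push("CVE-2026-34945");
    }
    // Items 5, 7, 11: any deployment on the Winch backend.
    if winch {
        out.extend_from_slice(&["CVE-2026-34946", "CVE-2026-35186", "CVE-2026-34987"]);
    }
    // Item 6: Cranelift f64x2.splat on x86-64, guard pages on, signal traps off.
    if cranelift && d.arch == Arch::X86_64 && d.memory_guard_size > 0 && !d.signals_based_traps {
        out.push("CVE-2026-34944");
    }
    // Item 10: Cranelift aarch64, 64-bit memories, with a mitigation disabled.
    if cranelift
        && d.arch == Arch::Aarch64
        && d.memory64_enabled
        && (!d.spectre_mitigations || !d.signals_based_traps)
    {
        out.push("CVE-2026-34971");
    }
    out
}

/// Item 7's information-disclosure outcome needs the guard region before
/// linear memory to be disabled; otherwise the bulletin states a process abort.
pub fn table_grow_can_leak(d: &Deployment) -> bool {
    d.compiler == Compiler::Winch && !d.guard_before_linear_memory
}

/// Constructed baseline (values chosen for the example, not Wasmtime defaults).
pub fn hardened_baseline() -> Deployment {
    Deployment {
        compiler: Compiler::Cranelift,
        arch: Arch::X86_64,
        pooling_allocator: false,
        memory_guard_size: 32 * 1024 * 1024,
        memory_reservation: 4 * GIB,
        max_memory_size: 0,
        guard_before_linear_memory: true,
        signals_based_traps: true,
        spectre_mitigations: true,
        memory64_enabled: false,
        uses_component_model: false,
    }
}

fn main() {
    let base = hardened_baseline();
    println!("baseline exposure: {:?}", exposed_cves(&base));
    let mut pooled = base.clone();
    pooled.pooling_allocator = true;
    pooled.memory_guard_size = 0;
    pooled.memory_reservation = 2 * GIB;
    pooled.max_memory_size = 2 * GIB;
    println!("pooling reuse exposure: {:?}", exposed_cves(&pooled));
}
```

The helper only narrows which advisories apply to a given configuration; it does not replace updating, since every listed item is fixed by the vendor release regardless of settings.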
Remediation
Install the update from the vendor's website.
References
- https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-394w-hwhg-8vgm
- https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-hfr4-7c6c-48w2
- https://github.com/advisories/GHSA-hfr4-7c6c-48w2
- https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-6wgr-89rj-399p
- https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-m9w2-8782-2946
- https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-q49f-xg75-m9xw
- https://github.com/advisories/GHSA-q49f-xg75-m9xw
- https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-qqfj-4vcm-26hv
- https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-f984-pcp8-v2p7
- https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-jxhv-7h78-9775
- https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-m758-wjhj-p3jq
- https://github.com/advisories/GHSA-m758-wjhj-p3jq
- https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-jhxm-h53p-jm7w
- https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-xx5w-cvp6-jv83
- https://github.com/advisories/GHSA-xx5w-cvp6-jv83
- https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-hx6p-xpx3-jvvv
- https://github.com/advisories/GHSA-hx6p-xpx3-jvvv