Off-by-one in Wasmtime - CVE-2023-41880
Published: September 14, 2023 / Updated: April 23, 2026
Vulnerability identifier: #VU127035
CSH Severity: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-41880
CWE-ID: CWE-193
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Wasmtime
Wasmtime
Software vendor:
Bytecode Alliance
Bytecode Alliance
Description
The vulnerability allows a remote user to cause incorrect computation results.
The vulnerability exists due to an off-by-one error in the Cranelift code generator for the WebAssembly i64x2.shr_s instruction when compiling WebAssembly on x86_64 with a constant shift amount larger than 32. A remote privileged user can execute a specially crafted WebAssembly program to cause incorrect computation results.
This issue is not an escape from the WebAssembly sandbox and affects only x86_64 hosts.
Remediation
Install security update from vendor's website.