CVE-2025-64713

Name
CVE-2025-64713
Description
WebAssembly Micro Runtime (WAMR) is a lightweight standalone WebAssembly (Wasm) runtime. Prior to version 2.4.4, an out-of-bounds array access issue exists in WAMR's fast interpreter mode during WASM bytecode loading. When frame_ref_bottom and frame_offset_bottom arrays are at capacity and a GET_GLOBAL(I32) opcode is encountered, frame_ref_bottom is expanded but frame_offset_bottom may not be. If this is immediately followed by an if opcode that triggers preserve_local_for_block, the function traverses arrays using stack_cell_num as the upper bound, causing out-of-bounds access to frame_offset_bottom since it wasn't expanded to match the increased stack_cell_num. This issue has been patched in version 2.4.4.
NVD Severity
unknown
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

| Type | URI |
|---|---|
| MISC | https://github.com/bytecodealliance/wasm-micro-runtime/releases/tag/WAMR-2.4.4 |
| CONFIRM | https://github.com/bytecodealliance/wasm-micro-runtime/security/advisories/GHSA-gvx3-gg3x-rjcx |

Match rules

| CPE URI | Source package | Min version | Max version |
|---|---|---|---|
| | wasm-micro-runtime | >= 0 | < 2.4.4 |
| cpe:2.3:a:bytecodealliance:webassembly_micro_runtime:*:*:*:*:*:*:*:* | webassembly_micro_runtime | >= None | < 2.4.4 |

Vulnerable and fixed packages

| Source package | Branch | Version | Maintainer | Status |
|---|---|---|---|---|
| wasm-micro-runtime | edge-community | 2.3.0-r1 | Jakub Jirutka <jakub@jirutka.cz> | possibly vulnerable |
| wasm-micro-runtime | edge-community | 2.3.0-r0 | Jakub Jirutka <jakub@jirutka.cz> | possibly vulnerable |
| wasm-micro-runtime | 3.22-community | 2.3.0-r0 | Jakub Jirutka <jakub@jirutka.cz> | possibly vulnerable |