Afonso360

**Name of the Vulnerable Software and Affected Versions** Wasmtime versions 10.0.0 through 12.0.1 **Description** The issue is related to a miscompilation of the WebAssembly `i64x2.shr s` instruction on x86 64 platforms when the shift amount is a constant value that is larger than 32. This results in the instruction producing an incorrect result, where the low 32-bits of the second lane of the vector are derived from the low 32-bits of the second lane of the input vector instead of the high 32-bits. The primary impact is that any WebAssembly program using the `i64x2.shr s` with a constant shift amount larger than 32 may produce an incorrect result. This issue does not allow escape from the WebAssembly sandbox, and execution of WebAssembly guest programs will still behave correctly with respect to memory sandboxing and isolation from the host. **Recommendations** To resolve the issue, update to Wasmtime version 10.0.2, 11.0.2, or 12.0.2, as these versions are patched to no longer have this miscompilation. As a temporary workaround, consider disabling the SIMD proposal for WebAssembly.

**Name of the Vulnerable Software and Affected Versions** wasmtime versions prior to 4.0.1 wasmtime versions prior to 5.0.1 wasmtime versions prior to 6.0.1 **Description** The code generation backend, Cranelift, has a bug on x86 64 platforms for the WebAssembly `i8x16.select` instruction which will produce the wrong results when the same operand is provided to the instruction and some of the selected indices are greater than 16. There is an off-by-one error in the calculation of the mask to the `pshufb` instruction which causes incorrect results to be returned if lanes are selected from the second vector. This bug may cause guest programs to behave unexpectedly due to the incorrect result of this instruction. In extreme cases, if a guest program is handling untrusted input, then the guest program may deviate from its intended execution. **Recommendations** For versions prior to 4.0.1, upgrade to version 4.0.1 or later. For versions prior to 5.0.1, upgrade to version 5.0.1 or later. For versions prior to 6.0.1, upgrade to version 6.0.1 or later. As a temporary workaround, consider disabling the Wasm simd proposal by setting `config.wasm simd` to `false`.