PT-2022-20531 · Unknown+1 · Cranelift-Codegen+1

Alexcrichton · Published 2022-06-27 · Updated 2022-07-08 · CVE-2022-31104

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Wasmtime versions prior to 0.38.1
cranelift-codegen versions prior to 0.85.1

Description

Wasmtime's implementation of the SIMD proposal for WebAssembly on x86_64 contained two bugs in the instruction lowerings implemented in Cranelift. The bugs were present in the i8x16.swizzle and select WebAssembly instructions. The select instruction is only affected when the inputs are of v128 type. The correspondingly affected Cranelift instructions were swizzle and select. These bugs are incorrect implementations of the semantics that the WebAssembly specification defines for these instructions. The impact is benign for hosts running WebAssembly but represents possible vulnerabilities within the execution of a guest program. For example, a WebAssembly program could take unintended branches or materialize incorrect values internally, which runs the risk of exposing the program itself to other related vulnerabilities that can occur from miscompilations.

Recommendations

For Wasmtime versions prior to 0.38.1, update to version 0.38.1 or later. For cranelift-codegen versions prior to 0.85.1, update to version 0.85.1 or later. As a temporary workaround, consider disabling the Wasm simd proposal by setting config.wasm_simd(false).
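
A check for the affected ranges above, as an added example that is not part of the advisory or the Wasmtime project: it scans Cargo.lock text for wasmtime below 0.38.1 or cranelift-codegen below 0.85.1. The lockfile contents and the function names are constructed for illustration, and pre-release suffixes are ignored on the assumption that the lockfile pins released versions.

```rust
// Added example (not Wasmtime project code): first fixed release per crate, from the advisory.
const FIXED: [(&str, (u64, u64, u64)); 2] =
    [("wasmtime", (0, 38, 1)), ("cranelift-codegen", (0, 85, 1))];

// Constructed sample lockfile, not taken from a real project.
const SAMPLE_LOCK: &str = r#"
version = 3
[[package]]
name = "cranelift-codegen"
version = "0.85.0"
[[package]]
name = "wasmtime"
version = "0.38.1"
"#;

/// Parse "MAJOR.MINOR.PATCH"; a pre-release or build suffix is ignored (assumption).
fn parse_version(v: &str) -> Option<(u64, u64, u64)> {
    let core = v.split(|c: char| c == '-' || c == '+').next()?;
    let mut parts = core.split('.').map(|p| p.parse::<u64>().ok());
    Some((parts.next()??, parts.next()??, parts.next()??))
}

/// Value of a `key = "value"` line, or None if the line holds another key.
fn field<'a>(line: &'a str, key: &str) -> Option<&'a str> {
    let rest = line.strip_prefix(key)?.trim_start().strip_prefix('=')?;
    Some(rest.trim().trim_matches('"'))
}

fn is_affected(name: &str, version: &str) -> bool {
    // An unparsable version of a tracked crate is flagged for manual review.
    FIXED.iter().any(|(n, fx)| *n == name && parse_version(version).map_or(true, |v| v < *fx))
}

/// Return (name, version) for every locked package in the affected range.
fn affected_packages(lock: &str) -> Vec<(&str, &str)> {
    let mut hits = Vec::new();
    let mut name: Option<&str> = None;
    for line in lock.lines().map(str::trim) {
        if let Some(n) = field(line, "name") {
            name = Some(n);
        } else if let Some(v) = field(line, "version") {
            if let Some(n) = name.take().filter(|n| is_affected(n, v)) { hits.push((n, v)); }
        }
    }
    hits
}

fn main() {
    for (n, v) in affected_packages(SAMPLE_LOCK) { println!("CVE-2022-31104 affected: {} {}", n, v); }
}
```

A crate can appear in Cargo.lock at more than one version; each entry is checked separately.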


Weakness Enumeration

Related Identifiers

CVE-2022-31104
GHSA-JQWC-C49R-4W2X
RUSTSEC-2022-0095

Affected Products

Wasmtime
Cranelift-Codegen