CVE-2023-41051

Name of the Vulnerable Software and Affected Versions vm-memory versions 0.1.0 through 0.12.1

Description An issue was discovered in the default implementations of the VolatileMemory::{get atomic ref, aligned as ref, aligned as mut, get ref, get array ref} trait functions, which allows out-of-bounds memory access if the VolatileMemory::get slice function returns a VolatileSlice whose length is less than the function’s count argument. No implementations of get slice provided in vm memory are affected. Users of custom VolatileMemory implementations may be impacted if the custom implementation does not adhere to get slice's documentation.

Recommendations To resolve the issue, upgrade to version 0.12.2 or later, which includes a check that verifies the VolatileSlice returned by get slice is of the correct length. As a temporary workaround, consider adding a custom check to verify the length of the VolatileSlice returned by get slice before using it with the VolatileMemory trait functions.