PT-2024-26487 · Wac · Wac

Haruki3Hhh · Published 2024-11-08 · Updated 2024-11-12 · CVE-2024-35419

CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: wac version 385e1

Description: A heap overflow was discovered in the load module function at /wac-asan/wa.c. An attacker can trigger it by supplying a specially crafted wasm file, causing a Denial of Service (DoS).

Recommendations: For version 385e1, consider disabling the load module function as a temporary workaround until a patch is available. Restrict access to the /wac-asan/wa.c file to minimize the risk of exploitation. Avoid using crafted wasm files with the affected load module function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Weakness Enumeration

Related Identifiers: CVE-2024-35419

Affected Products: Wac