An issue was discovered in Binaryen 1.38.32. Two visitors in ir/ExpressionManipulator.cpp can lead to a NULL pointer dereference in wasm::LocalSet::finalize in wasm/wasm.cpp. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm2js.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-08-29T01:01:51

Updated: 2024-08-05T00:56:22.461Z

Reserved: 2019-08-28T00:00:00

Link: CVE-2019-15759

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-08-29T02:15:10.617

Modified: 2024-11-21T04:29:24.953

Link: CVE-2019-15759

cve-icon Redhat

No data.