WebAssembly wabt binary-reader-interp.cc GetFuncOffset use after free
Summary
| CVE | CVE-2025-6275 |
|---|---|
| State | PUBLISHED |
| Assigner | VulDB |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2025-06-19 20:15:24 UTC |
| Updated | 2026-04-29 01:00:01 UTC |
| Description | A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been declared as problematic. Affected by this vulnerability is the function GetFuncOffset of the file src/interp/binary-reader-interp.cc. The manipulation leads to use after free. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. A similar issue reported during the same timeframe was disputed by the code maintainer because it might not affect "real world wasm programs". Therefore, this entry might get disputed as well in the future. |
Risk And Classification
Primary CVSS: v4.0 1.9 LOW from [email protected]
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Problem Types: CWE-119 | CWE-416 | CWE-416 Use After Free | CWE-119 Memory Corruption
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 4.0 | [email protected] | Secondary | 1.9 | LOW | CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/C... |
| 4.0 | CNA | DECLARED | 4.8 | MEDIUM | CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P |
| 3.1 | [email protected] | Secondary | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
| 3.1 | CNA | DECLARED | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R |
| 3.0 | CNA | DECLARED | 3.3 | LOW | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R |
| 2.0 | [email protected] | Secondary | 1.7 | AV:L/AC:L/Au:S/C:N/I:N/A:P | |
| 2.0 | CNA | DECLARED | 1.7 | AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR |
CVSS v4.0 Breakdown
Attack Vector
LocalAttack Complexity
LowAttack Requirements
NonePrivileges Required
LowUser Interaction
NoneConfidentiality
NoneIntegrity
NoneAvailability
LowSub Conf.
NoneSub Integrity
NoneSub Availability
NoneCVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CVSS v3.1 Breakdown
Attack Vector
LocalAttack Complexity
LowPrivileges Required
LowUser Interaction
NoneScope
UnchangedConfidentiality
NoneIntegrity
NoneAvailability
LowCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVSS v3.0 Breakdown
Attack Vector
LocalAttack Complexity
LowPrivileges Required
LowUser Interaction
NoneScope
UnchangedConfidentiality
NoneIntegrity
NoneAvailability
LowCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Webassembly | Wabt | All | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | WebAssembly | Wabt | affected 1.0.0 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.1 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.2 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.3 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.4 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.5 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.6 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.7 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.8 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.9 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.10 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.11 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.12 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.13 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.14 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.15 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.16 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.17 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.18 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.19 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.20 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.21 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.22 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.23 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.24 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.25 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.26 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.27 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.28 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.29 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.30 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.31 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.32 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.33 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.34 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.35 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.36 | Not specified |
| CNA | WebAssembly | Wabt | affected 1.0.37 | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| github.com/user-attachments/files/20623626/wabt_crash_5.txt | [email protected] | github.com | Exploit |
| github.com/WebAssembly/wabt/issues/2614 | 134c704f-9b21-4f2e-91b3-4a467353bcc0 | github.com | Exploit, Issue Tracking |
| vuldb.com | [email protected] | vuldb.com | Permissions Required, Third Party Advisory, VDB Entry |
| vuldb.com | [email protected] | vuldb.com | Third Party Advisory, VDB Entry |
| vuldb.com | [email protected] | vuldb.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
CNA: JJLeo (VulDB User) (en)
Additional Advisory Data
| Source | Time | Event |
|---|---|---|
| CNA | 2025-06-19T00:00:00.000Z | Advisory disclosed |
| CNA | 2025-06-19T02:00:00.000Z | VulDB entry created |
| CNA | 2025-06-19T08:44:03.000Z | VulDB entry last update |
There are currently no legacy QID mappings associated with this CVE.