Skip to content

v0.31.1 - 2023-12-01
Compare
Choose a tag to compare
@Robbepop Robbepop released this 01 Dec 13:46
v0.31.1
This tag was signed with the committer’s verified signature.
Robbepop Robin Freyler
GPG key ID: 3F93A3CD464548B5
Learn about vigilant mode.
e9fe987
This commit was signed with the committer’s verified signature.
Robbepop Robin Freyler
GPG key ID: 3F93A3CD464548B5
Learn about vigilant mode.

Fixes

  • CRITICAL: Fixed a critical vulnerability in the Wasmi engine executor.
    • The bug causes an out of bounds buffer write when calling or resuming
      a Wasm function with more than 128 parameters from the host side.
    • Affected users:
      • Users of Wasmi that use functions with more than 128 parameters
        and call those Wasm functions from their own host side. This is
        a very unlikely scenario since functions with such a high number
        of parameters are rather rare.
      • Users of Wasmi that allow external users to call Wasm functions
        with more than 128 parameters from the host side. This is a serious
        attack vector that is enabled by this vulnerability and which this
        fix closes.
    • Special note: Users of the pallet_contracts such as Polkadot are not
      affected by this vulnerability since host to Wasm function calls with
      more than 128 parameters is not possible.
    • Special thanks to Stellar Development Foundation for disclosing this bug to us.
Assets 2
Loading