WASM is a code compilation format that is supported in Node.js v10.13. To be considered safe, WASM files must be validated before they are loaded. Unfortunately, there is no formal validation scheme for WASM. It is possible to craft a malicious WASM file that will be loaded and executed by a vulnerable version of the browser. If you are using WASM in your applications, make sure to validate your files before loading them. With this update, the issue has been corrected and all WASM files are validated before they are loaded. This change has been made to avoid incorrect assembly generation and a potentially exploitable crash. As always, users should ensure that they are running the latest version of their software.

Vulnerability Details

A vulnerability was discovered in the WASM code. When a browser encountered a malicious WASM file, it would crash. A fix has been implemented to ensure that all WASM files are validated before they are loaded. This change has been made to avoid incorrect assembly generation and potentially exploitable crashes.

Upgrade Required

We have fixed a potential issue in the WASM compiler that could cause incorrect assembly generation and a crash. All WASM files should be validated before loading; if you are using WASM in your applications, make sure to upgrade your software before continuing to use it.

Node.js v10.13.0:

Validate all WASM files
Did you know that with Node.js v10.13.0, we load and verify every single one of your WASM files? Previously, this wasn’t the case – an exploitable vulnerability was introduced in Node.js v8.9.0 and later versions (CVE-2022-31740).

Check for WASM Updates

If you are using a browser or Node.js version that is vulnerable to CVE-2022-31740, it is important to update the software as soon as possible. If you are using an older browser or Node.js version without WASM support, there is no need to update the software.

Vulnerable Code

A vulnerability was found in WASM, a code compilation format that is used in Node.js v10.13. There is no formal validation scheme for this format, so it was possible to craft a malicious file that would be executed by this browser version. If you are using WASM in your applications, make sure to validate your files before loading them.
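One way to apply "validate before loading" in a Node.js application, as an added example that is not part of the original advisory. The function names, the `MAX_BYTES` cap and the pinned-digest allowlist are assumptions made for illustration; `WebAssembly.validate()` is the runtime's built-in check.

```javascript
// Added example: gate WebAssembly loading behind explicit checks (Node.js).
const { createHash } = require('node:crypto');

const WASM_MAGIC = Buffer.from([0x00, 0x61, 0x73, 0x6d]);   // "\0asm"
const WASM_VERSION = Buffer.from([0x01, 0x00, 0x00, 0x00]); // binary format v1
const MAX_BYTES = 8 * 1024 * 1024; // assumed size cap; tune per application

function sha256Hex(bytes) {
  return createHash('sha256').update(bytes).digest('hex');
}

// Returns { ok, reason }. `pinned` is a Set of SHA-256 hex digests of modules
// that were reviewed at build time (hypothetical allowlist).
function checkWasm(bytes, pinned) {
  if (!Buffer.isBuffer(bytes)) return { ok: false, reason: 'not-a-buffer' };
  if (bytes.length < 8 || bytes.length > MAX_BYTES) return { ok: false, reason: 'bad-size' };
  if (!bytes.subarray(0, 4).equals(WASM_MAGIC)) return { ok: false, reason: 'bad-magic' };
  if (!bytes.subarray(4, 8).equals(WASM_VERSION)) return { ok: false, reason: 'bad-version' };
  // Only bytes that match a reviewed digest ever reach the engine.
  if (!pinned.has(sha256Hex(bytes))) return { ok: false, reason: 'unpinned-digest' };
  // Structural and type validation by the runtime, without compiling.
  if (!WebAssembly.validate(bytes)) return { ok: false, reason: 'validation-failed' };
  return { ok: true, reason: 'ok' };
}

// Compile and instantiate only after every check has passed.
function loadWasm(bytes, pinned, imports = {}) {
  const verdict = checkWasm(bytes, pinned);
  if (!verdict.ok) throw new Error(`refusing to load wasm: ${verdict.reason}`);
  return new WebAssembly.Instance(new WebAssembly.Module(bytes), imports);
}

// Constructed sample inputs: an empty but valid module, and the same header
// followed by a type section that declares 5 bytes but carries only 2.
const EMPTY_MODULE = Buffer.from([0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00]);
const TRUNCATED = Buffer.concat([EMPTY_MODULE, Buffer.from([0x01, 0x05, 0x01, 0x60])]);
const PINNED = new Set([sha256Hex(EMPTY_MODULE), sha256Hex(TRUNCATED)]);

for (const [name, bytes] of [['empty', EMPTY_MODULE], ['truncated', TRUNCATED]]) {
  console.log(name, checkWasm(bytes, PINNED).reason);
}
```

A gate like this limits what reaches the engine; it does not replace the upgrade described above.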

Timeline

Published on: 12/22/2022 20:15:00 UTC
Last modified on: 01/06/2023 14:00:00 UTC
