CVSS: 6.3 | EPSS: 0% | CPEs: 3 | EXPL: 0

Wasmtime is an open source runtime for WebAssembly & WASI. In Wasmtime from version 0.19.0 and before version 0.30.0 there was a use-after-free bug when passing `externref`s from the host to guest Wasm content. To trigger the bug, you have to explicitly pass multiple `externref`s from the host to a Wasm instance at the same time, either by passing multiple `externref`s as arguments from host code to a Wasm function, or returning multiple `externref`s to Wasm from a multi-value return function defined in the host. If you do not have host code that matches one of these shapes, then you are not impacted. If Wasmtime's `VMExternRefActivationsTable` became filled to capacity after passing the first `externref` in, then passing in the second `externref` could trigger a garbage collection.

• https://crates.io/crates/wasmtime
• https://github.com/bytecodealliance/wasmtime/commit/101998733b74624cbd348a2366d05760b40181f3
• https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-v4cp-h94r-m7xf
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAVBRYDDUIY2ZR3K3FO4BVYJKIMJ5TP7
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2Z33FTXFQ6EOINVEQIP4DFBG53G5XIY

• CWE-416: Use After Free