Skip to content

Filesystem sandbox not enforced

High
syrusakbary published GHSA-4mq4-7rw3-vm5j Dec 12, 2023

Package

cargo wasmer-cli (Rust)

Affected versions

>= 3.0.0

Patched versions

4.2.4

Description

Summary

As of Wasmer version v4.2.3, Wasm programs can access the filesystem outside of the sandbox.

Details

#4267

PoC

A minimal Rust program:

fn main() {
    let f = std::fs::OpenOptions::new()
        .write(true)
        .create_new(true)
        .open("abc")
        .unwrap();
}

This should be compiled with cargo build --target wasm32-wasi. The compiled program, when run with wasmer WITHOUT --dir, can still create a file in the working directory.

Impact

Service providers running untrusted Wasm code on Wasmer can unexpectedly expose the host filesystem.

Severity

High
8.4
/ 10

CVSS base metrics

Attack vector
Local
Attack complexity
Low
Privileges required
None
User interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE ID

CVE-2023-51661

Weaknesses

No CWEs

Credits