FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libwasmtime -- host panic with fd_renumber WASIp1 function

Affected packages
24.0.0 <= libwasmtime < 24.0.4
33.0.0 <= libwasmtime < 33.0.2
34.0.0 <= libwasmtime < 34.0.2

Details

VuXML ID 605a9d1e-6521-11f0-beb2-ac5afc632ba3
Discovery 2025-07-18
Entry 2025-07-20

WasmTime development team reports:

A bug in Wasmtime's implementation of the WASIp1 set of import functions can lead to a WebAssembly guest inducing a panic in the host (embedder).

[source]

References

CVE Name CVE-2025-53901
URL https://nvd.nist.gov/vuln/detail/CVE-2025-53901

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.