P1umer (Jul 15 2022 at 11:11): P1umer (Jul 15 2022 at 11:11):I got many crash samples while fuzzing the mini-loader of the WAMR project. I would like to know what are the advantages of mini-loader over normal loader? I noticed a discussion in issue https://github.com/bytecodealliance/wasm-micro-runtime/issues/569, and I think a memory corruption vulnerability in the mini-loader could lead to arbitrary code execution if the mini-loader is used on some devices. I'm wondering if the vulnerabilities in mini-loader would be considered security issues and assigned CVEs?
fitzgen (he/him) (Jul 15 2022 at 16:36):hi @P1umer, you might have a better chance at getting this in front of the right people if you posted in the #wamr stream, or filed an issue on the wamr repo. I don't think a ton of wamr folks hang out in #general.
Last updated: Oct 23 2024 at 20:03 UTC