CVE-2025-14956
Heap-Based Buffer Overflow in WebAssembly Binaryen readExport Function
Publication date: 2025-12-19
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| webassembly | binaryen | * |
| webassembly | wasm-opt | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-14956 is a heap-based buffer overflow vulnerability in the WebAssembly Binaryen tool, specifically in the wasm-opt utility. It occurs in the function WasmBinaryReader::readExpression in the source file src/wasm/wasm-binary.cpp. When parsing a malformed WebAssembly binary, especially during Data Segment processing, the parser reads one byte beyond the allocated buffer, causing a heap buffer overflow. This happens because the parser does not properly check if there is more input before reading, leading to an out-of-bounds read and potential crash or undefined behavior. [1, 6]
How can this vulnerability impact me? :
This vulnerability can impact you by causing crashes or instability in the wasm-opt tool when processing malformed WebAssembly binaries. Since it is a heap-based buffer overflow, it may also be exploited by an attacker with local access to execute arbitrary code, corrupt memory, or disrupt the confidentiality, integrity, and availability of the affected system. The exploit is publicly available, and the vulnerability is considered moderately severe with an ease of exploitation rated as easy, so it poses a tangible security risk if unpatched. [2, 6]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by running the vulnerable wasm-opt tool with a specially crafted malformed WebAssembly binary that triggers the heap buffer overflow. A reproduction command to detect the issue is `./wasm-opt repro -o /dev/null`, where `repro` is a malformed input file designed to cause the overflow. Additionally, compiling wasm-opt with AddressSanitizer enabled (`-fsanitize=address`) can help detect the heap buffer overflow during testing. Monitoring for crashes or AddressSanitizer reports during wasm-opt execution can indicate the presence of the vulnerability. [1, 6]
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to apply the patch released by the vendor, identified by commit 4f52bff8c4075b5630422f902dd92a0af2c9f398, which fixes the improper input termination handling in the WasmBinaryReader::readExpression function. Users should update their WebAssembly Binaryen tool to a version that includes this fix. Additionally, avoid processing untrusted or malformed WebAssembly binaries locally until the patch is applied to prevent exploitation. [2, 4, 5]