CVE-2025-14957
Unknown Unknown - Not Provided
Null Pointer Dereference in WebAssembly Binaryen IRBuilder Functions

Publication date: 2025-12-19

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was identified in WebAssembly Binaryen up to 125. This affects the function IRBuilder::makeLocalGet/IRBuilder::makeLocalSet/IRBuilder::makeLocalTee of the file src/wasm/wasm-ir-builder.cpp of the component IRBuilder. Such manipulation of the argument Index leads to null pointer dereference. Local access is required to approach this attack. The exploit is publicly available and might be used. The name of the patch is 6fb2b917a79578ab44cf3b900a6da4c27251e0d4. Applying a patch is advised to resolve this issue.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-19
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2025-12-19
EPSS Evaluated
2026-06-15
NVD
CVE-2025-14957
EUVD
EUVD-2025-204582
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
webassembly binaryen *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.
CWE-404 The product does not release or incorrectly releases a resource before it is made available for re-use.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-14957 is a vulnerability in the WebAssembly Binaryen project affecting the IRBuilder component, specifically the functions makeLocalGet, makeLocalSet, and makeLocalTee. The issue arises from improper validation of local variable indexes, which can lead to a null pointer dereference when an invalid local index is accessed during WebAssembly intermediate representation construction or optimization. This causes a segmentation fault (crash) in the wasm-opt tool when processing malformed WebAssembly binaries. The vulnerability requires local access to exploit and has a publicly available proof-of-concept. A patch has been implemented that adds explicit validation checks to ensure local indexes are within valid bounds, preventing out-of-bounds access and eliminating the crash. [1, 2, 5, 7]

Impact Analysis

This vulnerability can cause denial of service by crashing the wasm-opt tool when it processes malformed WebAssembly binaries. The null pointer dereference leads to a segmentation fault, causing the application to abort unexpectedly and impacting availability. Since the exploit requires local access, an attacker with such access can trigger this crash, potentially disrupting services or workflows that rely on wasm-opt or the WebAssembly Binaryen toolchain. The impact is primarily on availability, with no direct compromise of confidentiality or integrity reported. [2, 5, 6, 7]

Detection Guidance

This vulnerability can be detected by attempting to reproduce the crash using a crafted malformed WebAssembly binary with the wasm-opt tool from the WebAssembly Binaryen project. A known reproduction command is `./wasm-opt repro -o /dev/null`, where `repro` is a specially crafted malformed WebAssembly binary that triggers the null pointer dereference and segmentation fault. Monitoring for crashes or segmentation faults in wasm-opt during processing of WebAssembly binaries can also indicate the presence of this vulnerability. [5, 6, 7]

Mitigation Strategies

The immediate step to mitigate this vulnerability is to apply the patch identified by commit 6fb2b917a79578ab44cf3b900a6da4c27251e0d4, which adds validation checks for local variable indexes in the IRBuilder component. This patch prevents invalid local index access and eliminates the null pointer dereference. Updating the WebAssembly Binaryen tool to a version that includes this fix (merged on December 10, 2025) is advised. Additionally, avoid processing untrusted or malformed WebAssembly binaries with vulnerable versions of wasm-opt until patched. [1, 2, 3]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-14957. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart