From e6248efe2aef24c0b48ee91aaa9d2330b9eac70d Mon Sep 17 00:00:00 2001
From: Nick Fitzgerald
Date: Thu, 31 Mar 2022 15:41:14 -0700
Subject: [PATCH] Add CVE-2022-24791 for Wasmtime (#1217)

* Add CVE-2022-24791 for Wasmtime
* Update CVE-2022-24791
* Update crates/wasmtime/RUSTSEC-0000-0000.md
Co-authored-by: Alex Gaynor
Co-authored-by: Alex Gaynor
---
crates/wasmtime/RUSTSEC-0000-0000.md | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
create mode 100644 crates/wasmtime/RUSTSEC-0000-0000.md
diff --git a/crates/wasmtime/RUSTSEC-0000-0000.md b/crates/wasmtime/RUSTSEC-0000-0000.md
new file mode 100644
index 0000000..cd11185
--- /dev/null
+++ b/crates/wasmtime/RUSTSEC-0000-0000.md
@@ -0,0 +1,21 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "wasmtime"
+date = "2022-03-31"
+url = "https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-gwc9-348x-qwv2"
+categories = ["memory-corruption", "memory-exposure"]
+keywords = ["use-after-free", "Wasm", "garbage collection"]
+aliases = ["CVE-2022-24791"]
+
+[versions]
+patched = [">= 0.35.2", ">= 0.34.2, < 0.35.0"]
+unaffected = ["< 0.34.0"]
+
+[affected]
+functions = { "wasmtime::Config::epoch_interruption" = ["0.34.0", "0.34.1", "0.35.0", "0.35.1"] }
+```
+
+# Use after free with `externref`s and epoch interruption in Wasmtime
+
+[Use after free with `externref`s and epoch interruption in Wasmtime](https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-gwc9-348x-qwv2)
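Review bot: The version entries under `[affected] functions` are bare versions (`"0.34.0"`, `"0.34.1"`, `"0.35.0"`, `"0.35.1"`), while `patched` and `unaffected` in the same file use explicit comparators. If the advisory tooling parses these entries as semver requirements with Cargo's default caret semantics, `"0.34.0"` would also match the patched 0.34.2, and `"0.35.0"` the patched 0.35.2. Bounded ranges that mirror `[versions]` avoid that ambiguity, for example `[">= 0.34.0, < 0.34.2", ">= 0.35.0, < 0.35.2"]`. Separately, the body below the title is only a link, so anyone reading the advisory offline or through audit tooling gets no summary. A short paragraph taken from the linked GHSA, covering which configuration is affected and which releases fix it, would make the record self-contained.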