Intel

AIKIDO-2026-500896

wasmtime-wasi is vulnerable to Incorrect Authorization

Incorrect AuthorizationGHSA-4ch3-9j33-3pmj Published Jun 25, 2026

65

Medium Risk

This Affects:

RUSTwasmtime-wasi
0.2.0 - 24.0.10
Fixed in 24.0.11
25.0.0 - 36.0.11
Fixed in 36.0.12
37.0.0 - 45.0.2
Fixed in 45.0.3
46.0.0 - 46.0.0
Fixed in 46.0.1
Are you affected? Scan for Free

TL;DR

wasmtime-wasi enforces per-preopen file permissions through the WasiCtxBuilder FilePerms setting, but its WASI filesystem implementation only checks directory mutation permissions when creating hard links or renaming files. A guest with a read-only file capability can hard-link or rename that file into a preopen that grants write access, then open the alias for writing to overwrite the original read-only file. This bypasses the FilePerms::READ-only restriction and lets the guest modify host files that were meant to be read-only. The fix makes link and rename operations require matching directory and file permissions between the source and destination preopens.

Who does this affect?

You are affected if you are using a version that falls within the vulnerable range and your embedding exposes one preopen as read-only files while another preopen permits file writes.

Background info

wasmtime-wasi is vulnerable to Incorrect Authorization in versions 0.2.0 - 24.0.10, 25.0.0 - 36.0.11, 37.0.0 - 45.0.2 and 46.0.0 - 46.0.0.

How to fix this

Upgrade the wasmtime-wasi library to the patch version.