Threat Intel

v0.1

← CVEs

CVE-2026-27195

HIGH 7.5
Published
2026-02-24
Last Modified
2026-02-25
Affected Apps
14
Affected Devices
150
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Wasmtime is a runtime for WebAssembly. Starting with Wasmtime 39.0.0, the `component-model-async` feature became the default, which brought with it a new implementation of `[Typed]Func::call_async` which made it capable of calling async-typed guest export functions. However, that implementation had a bug leading to a panic under certain circumstances: First, the host embedding calls `[Typed]Func::call_async` on a function exported by a component, polling the returned `Future` once. Second, the component function yields control to the async runtime (e.g. Tokio), e.g. due to a call to host function registered using `LinkerInstance::func_wrap_async` which yields, or due an epoch interruption. Third, the host embedding drops the `Future` after polling it once. This leaves the component instance in a non-reenterable state since the call never had a chance to complete. Fourth, the host embedding calls `[Typed]Func::call_async` again, polling the returned `Future`. Since the component instance cannot be entered at this point, the call traps, but not before allocating a task and thread for the call. Fifth, the host embedding ignores the trap and drops the `Future`. This panics due to the runtime attempting to dispose of the task created above, which panics since the thread has not yet exited. When a host embedder using the affected versions of Wasmtime calls `wasmtime::component::[Typed]Func::call_async` on a guest export and then drops the returned future without waiting for it to resolve, and then does so again with the same component instance, Wasmtime will panic. Embeddings that have the `component-model-async` compile-time feature disabled are unaffected. Wasmtime 40.0.4 and 41.0.4 have been patched to fix this issue. Versions 42.0.0 and later are not affected. If an embedding is not actually using any component-model-async features then disabling the `component-model-async` Cargo feature can work around this issue. This issue can also be worked around by either ensuring every `call_async` future is awaited until it completes or refraining from using the `Store` again after dropping a not-yet-resolved `call_async` future.
Affected Applications in Environment 14
time v1.9-0.2build1
57 devices
time v1.9-25.el10
1 device
time v1.7-25.1
4 devices
time v1.9-18.el9
27 devices
time v1.9-0.1build2
27 devices
time v1.7-25.1build1
12 devices
time v1.9-0.1
4 devices
time v1.9-0.2
5 devices
time v1.9-3.el8
5 devices
time v1.9-18.el9
2 devices
time v1.9-3.el8
3 devices
time v1.9-18.el9
1 device
time v1.9-18.el9
1 device
time v1.7-45.el7
1 device
Affected Devices 150
2ua5171h8k Linux DPNCHA-194733 Linux administrator-SYS-4029GP-TRT2 Linux aggietower Linux ah-ots Linux auto-score Linux awep1 Linux bacha25 Linux bennett-HP-Z2-SFF-G4-Workstation Linux blakeutil Linux capahab Linux cceredcapdb Linux cceredcapweb Linux chela03 Linux chela04 Linux chela05 Linux devjobsub.banner.usu.edu Linux dist Linux dpapsb-161390.aggies.usu.edu Linux dpapsb-191594.mypc.usu.edu Linux educweb Linux el103-02.ece.usu.edu Linux el103-03.ece.usu.edu Linux el103-04.ece.usu.edu Linux el103-05.ece.usu.edu Linux el103-07.ece.usu.edu Linux el103-08.ece.usu.edu Linux el103-09.ece.usu.edu Linux el103-10.ece.usu.edu Linux el103-14.ece.usu.edu Linux el103-15.ece.usu.edu Linux el103-16.ece.usu.edu Linux el103-17.ece.usu.edu Linux el103-18.ece.usu.edu Linux el103-19.ece.usu.edu Linux el103-20.ece.usu.edu Linux el120-01.ece.usu.edu Linux el120-02.ece.usu.edu Linux el120-03.ece.usu.edu Linux el120-04.ece.usu.edu Linux el120-05.ece.usu.edu Linux el120-06.ece.usu.edu Linux el120-08.ece.usu.edu Linux el120-09.ece.usu.edu Linux el120-10.ece.usu.edu Linux el120-11.ece.usu.edu Linux el120-12.ece.usu.edu Linux el120-14.ece.usu.edu Linux elend Linux emby Linux eprocdev.banner.usu.edu Linux ezidadmin Linux facreadyprod.pplant.usu.edu Linux facreadytestrhel.pplant.usu.edu Linux facshibsp2.pplant.usu.edu Linux flexnet Linux flo-rida Linux guru.cluster Linux hackedpasswords Linux hotcheeto Linux infosec-grafana Linux itfinance Linux itls-wp Linux joek-HP-Z2-SFF-G9-Workstation-Desktop-PC Linux kcm.usu.edu Linux kena-utility Linux kmlab Linux ldap-lb01 Linux ldap-lb02 Linux librenms Linux librenmsdb Linux log Linux mail Linux mirror3 Linux miscdata Linux miscnet Linux monitor01 Linux monitor02 Linux my1 Linux my2 Linux mysql02 Linux omekanew Linux oms.db.usu.edu Linux owenclarke-OptiPlex-7090 Linux paymentworksdev.banner.usu.edu Linux rcbd Linux rcdb-dev Linux redcapweb Linux second-thrifted-tractor Linux sentry Linux server1mathusuedu Linux server2math Linux solar Linux spencer-funk-HP-Z2-SFF-G5-Workstation Linux starfleetpad Linux storm Linux strat Linux svn.usu.edu Linux sympa.ser321.usu.edu Linux sys-serv-l-301-data Linux thinkstation Linux tsutil.it.usu.edu Linux vinmathusuedu Linux vrtour Linux web-lb-stage.usu.edu Linux web-lb01-redirect.usu.edu Linux web-lb01.usu.edu Linux web-lb02-redirect.usu.edu Linux web-lb02.usu.edu Linux web-lb03-redirect.usu.edu Linux web-lb03.usu.edu Linux web-lb04.usu.edu Linux web02.usu.edu Linux web03.usu.edu Linux web04a Linux web06 Linux web08.usu.edu Linux web09.usu.edu Linux web10 Linux web10-awhc Linux web10-awhc Linux web11.usu.edu Linux web12.usu.edu Linux web13.usu.edu Linux web14.usu.edu Linux web15.usu.edu Linux web16.usu.edu Linux web17 Linux web18 Linux web19.usu.edu Linux web20 Linux web21 Linux web22 Linux web23 Linux web24 Linux web25 Linux web27.usu.edu Linux web28 Linux web29.usu.edu Linux web30.usu.edu Linux web31.usu.edu Linux web32.usu.edu Linux web33.usu.edu Linux web34.usu.edu Linux web35.usu.edu Linux web36.usu.edu Linux web37.usu.edu Linux webs.usu.edu Linux webtools Linux wpad Linux
References 6