Is WebAssembly Really Safe? - Wasm VM Escape and RCE Vulnerabilities Have Been Found in New Way

Explore the security implications of WebAssembly (Wasm) in this 27-minute conference talk from Black Hat. Delve into a new approach to uncovering vulnerabilities in Wasm virtual machines, focusing on VM escape and remote code execution (RCE) risks. Learn about a novel fuzzing framework designed to test Wasm runtime security across various implementations. Understand how this research shifts the focus from compiler and linker-level exploits to potential vulnerabilities within the Wasm VM itself. Gain insights from security experts Zhao Hai, Zhichen Wang, Mengchen Yu, and Lei Li as they present their findings on this critical aspect of web and edge computing security.