0

Walma: Learning to See Memory Corruption in WebAssembly

WebAssembly's (Wasm) monolithic linear memory turns a single memory-corruption bug into a bidirectional threat: a compromised module can attack its embedding host, and a malicious host can tamper with a trusted module's state.

Preview
Year
2026
Hosting
Full text hostedCC-BY-4.0

Cite

Notes

Only stored in your browser.

Attribution

Abstract & full text
arxiv.org/abs/2603.24167CC-BY-4.0
TL;DR
Semantic Scholar
Attribution policy →

Abstract

WebAssembly's (Wasm) monolithic linear memory turns a single memory-corruption bug into a bidirectional threat: a compromised module can attack its embedding host, and a malicious host can tamper with a trusted module's state. Existing defenses require custom runtimes or source changes, and none can verify runtime integrity under an adversarial host. We present Walma, a framework for WebAssembly linear memory attestation that renders snapshots of linear memory as grayscale images and classifies them with a convolutional neural network. The network reads the row-aligned structure that compiled code imposes on memory and detects corruption that byte and texture statistics miss. On structured targets this extends to tampering that no program input triggers, such as direct memory writes by a malicious host. On real-world CVE-affected applications, hiding corruption from Walma's verdict requires overwriting a large fraction of memory, hundreds of kilobytes to megabytes on our targets. A Shannon-entropy analysis of benign memory bounds the class of out-of-band edits that the learned prior can detect. Across the 53 binaries of the WABench suite, attestation costs 1.07x--1.69x at the host boundary, making continuous, state-centric memory attestation for Wasm practical.