Search CVE reports
1 – 4 of 4 results
CVE-2023-26924
Negligible priority** DISPUTED ** LLVM a0dab4950 has a segmentation fault in mlir::outlineSingleBlockRegion. NOTE: third parties dispute this because the LLVM security policy excludes "Language front-ends ... for which a malicious input file can...
18 affected packages
llvm, llvm-toolchain-10, llvm-toolchain-11, llvm-toolchain-12, llvm-toolchain-3.3...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
llvm | — | Not in release | Not in release | Not in release | Ignored |
llvm-toolchain-10 | — | Not in release | Not affected | Not affected | Not in release |
llvm-toolchain-11 | — | Not affected | Not affected | Not in release | Not in release |
llvm-toolchain-12 | — | Not affected | Not affected | Not in release | Not in release |
llvm-toolchain-3.3 | — | Not in release | Not in release | Not in release | Not in release |
llvm-toolchain-3.4 | — | Not in release | Not in release | Not in release | Not in release |
llvm-toolchain-3.5 | — | Not in release | Not in release | Not in release | Not affected |
llvm-toolchain-3.6 | — | Not in release | Not in release | Not in release | Not affected |
llvm-toolchain-3.7 | — | Not in release | Not in release | Not affected | Not affected |
llvm-toolchain-3.8 | — | Not in release | Not in release | Not in release | Not affected |
llvm-toolchain-3.9 | — | Not in release | Not in release | Not affected | Not affected |
llvm-toolchain-4.0 | — | Not in release | Not in release | Not affected | Not affected |
llvm-toolchain-5.0 | — | Not in release | Not in release | Not affected | Not affected |
llvm-toolchain-6.0 | — | Not in release | Not affected | Not affected | Not affected |
llvm-toolchain-7 | — | Not in release | Not affected | Not affected | Not in release |
llvm-toolchain-8 | — | Not in release | Not affected | Not affected | Not affected |
llvm-toolchain-9 | — | Not in release | Not affected | Not affected | Not in release |
llvm-toolchain-snapshot | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2020-13844
Medium prioritySome fixes available 3 of 199
Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka...
54 affected packages
gcc-10, gcc-3.3, gcc-4.4, gcc-4.6, gcc-4.7...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gcc-10 | Not affected | Not affected | Fixed | Not in release | Not in release |
gcc-3.3 | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gcc-4.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-4.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-4.7 | Not in release | Not in release | Not in release | Not in release | Vulnerable |
gcc-4.7-armel-cross | Not in release | Not in release | Not in release | Not in release | Vulnerable |
gcc-4.7-armhf-cross | Not in release | Not in release | Not in release | Not in release | Vulnerable |
gcc-4.8 | Not in release | Not in release | Not in release | Vulnerable | Vulnerable |
gcc-4.8-arm64-cross | Not in release | Not in release | Not in release | Not in release | Vulnerable |
gcc-4.8-armhf-cross | Not in release | Not in release | Not in release | Not in release | Vulnerable |
gcc-4.8-powerpc-cross | Not in release | Not in release | Not in release | Not in release | Vulnerable |
gcc-4.8-ppc64el-cross | Not in release | Not in release | Not in release | Not in release | Vulnerable |
gcc-4.9 | Not in release | Not in release | Not in release | Not in release | Vulnerable |
gcc-5 | Not in release | Not in release | Not in release | Not affected | Not affected |
gcc-5-cross | Not in release | Not in release | Not in release | Vulnerable | Vulnerable |
gcc-6 | Not in release | Not in release | Not in release | Vulnerable | Not in release |
gcc-6-cross | Not in release | Not in release | Not in release | Vulnerable | Not in release |
gcc-6-cross-ports | Not in release | Not in release | Not in release | Vulnerable | Not in release |
gcc-7 | Not in release | Not in release | Vulnerable | Vulnerable | Not in release |
gcc-7-cross | Not in release | Not in release | Not in release | Vulnerable | Not in release |
gcc-7-cross-ports | Not in release | Not in release | Not in release | Vulnerable | Not in release |
gcc-8 | Not in release | Not in release | Vulnerable | Vulnerable | Not in release |
gcc-8-cross | Not in release | Not in release | Vulnerable | Vulnerable | Not in release |
gcc-8-cross-ports | Not in release | Not in release | Vulnerable | Vulnerable | Not in release |
gcc-9 | Not affected | Not affected | Fixed | Not in release | Not in release |
gcc-9-cross | Not affected | Not affected | Fixed | Not in release | Not in release |
gcc-9-cross-ports | Vulnerable | Vulnerable | Vulnerable | Not in release | Not in release |
gcc-arm-linux-androideabi | Not in release | Not in release | Not in release | Not in release | Vulnerable |
gcc-arm-none-eabi | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gcc-avr | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gcc-defaults | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-defaults-arm64-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armel-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armhf-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-powerpc-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-ppc64el-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-h8300-hms | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gcc-i686-linux-android | Not in release | Not in release | Not in release | Not in release | Vulnerable |
gcc-m68hc1x | Not in release | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gcc-mingw-w64 | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gcc-msp430 | Not in release | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gcc-opt | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gcc-snapshot | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gccgo-4.9 | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-6 | Not in release | Not in release | Not in release | Not in release | Not affected |
llvm-toolchain-3.3 | Not in release | Not in release | Not in release | Not in release | Not in release |
llvm-toolchain-3.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
llvm-toolchain-3.5 | Not in release | Not in release | Not in release | Not in release | Vulnerable |
llvm-toolchain-3.6 | Not in release | Not in release | Not in release | Not in release | Vulnerable |
llvm-toolchain-3.7 | Not in release | Not in release | Not in release | Vulnerable | Vulnerable |
llvm-toolchain-3.8 | Not in release | Not in release | Not in release | Not in release | Vulnerable |
llvm-toolchain-3.9 | Not in release | Not in release | Not in release | Vulnerable | Vulnerable |
llvm-toolchain-4.0 | Not in release | Not in release | Not in release | Vulnerable | Vulnerable |
llvm-toolchain-snapshot | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2015-3027
Low priorityClang in LLVM, as used in Apple Xcode before 6.3, performs incorrect register allocation in a way that triggers stack storage for stack cookie pointers, which might allow context-dependent attackers to bypass a stack-guard...
7 affected packages
llvm, llvm-toolchain-3.2, llvm-toolchain-3.3, llvm-toolchain-3.4, llvm-toolchain-3.5...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
llvm | — | — | — | Not in release | Not in release |
llvm-toolchain-3.2 | — | — | — | Not in release | Not in release |
llvm-toolchain-3.3 | — | — | — | Not in release | Not in release |
llvm-toolchain-3.4 | — | — | — | Not in release | Not in release |
llvm-toolchain-3.5 | — | — | — | Not in release | Ignored |
llvm-toolchain-3.6 | — | — | — | Not in release | Ignored |
llvm-toolchain-snapshot | — | — | — | Not in release | Not in release |
CVE-2014-2893
Low priorityThe GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users to obtain sensitive information or overwrite arbitrary files via a symlink attack on temporary directories with predictable names.
6 affected packages
llvm-toolchain-3.2, llvm-toolchain-3.3, llvm-toolchain-3.4, llvm-toolchain-3.5, llvm-toolchain-3.6, llvm-toolchain-snapshot
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
llvm-toolchain-3.2 | — | — | — | Not in release | Not in release |
llvm-toolchain-3.3 | — | — | — | Not in release | Not in release |
llvm-toolchain-3.4 | — | — | — | Not in release | Not in release |
llvm-toolchain-3.5 | — | — | — | Not in release | Not affected |
llvm-toolchain-3.6 | — | — | — | Not in release | Not affected |
llvm-toolchain-snapshot | — | — | — | Not in release | Not in release |