Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 5 of 5 results


CVE-2024-45056

Medium priority
Not affected

zksolc is a Solidity compiler for ZKsync. All LLVM versions since 2015 fold `(xor (shl 1, x), -1)` to `(rotl ~1, x)` if run with optimizations enabled. Here `~1` is generated as an unsigned 64 bits number (`2^64-1`). This number...

21 affected packages

llvm-toolchain-10, llvm-toolchain-11, llvm-toolchain-12, llvm-toolchain-13, llvm-toolchain-14...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
llvm-toolchain-10 Not in release Not in release Not affected Not affected
llvm-toolchain-11 Not in release Not affected Not affected
llvm-toolchain-12 Not in release Not affected Not affected
llvm-toolchain-13 Not in release Not affected Not in release
llvm-toolchain-14 Not affected Not affected Not in release
llvm-toolchain-15 Not affected Not affected Not in release
llvm-toolchain-16 Not affected Not in release Not in release
llvm-toolchain-17 Not affected Not in release Not in release
llvm-toolchain-18 Not affected Not in release Not in release
llvm-toolchain-19 Not in release Not in release Not in release
llvm-toolchain-3.5 Not in release Not in release Not in release Not affected
llvm-toolchain-3.6 Not in release Not in release Not in release Not affected
llvm-toolchain-3.7 Not in release Not in release Not in release Not affected Not affected
llvm-toolchain-3.8 Not in release Not in release Not in release Not affected
llvm-toolchain-3.9 Not in release Not in release Not in release Not affected Not affected
llvm-toolchain-4.0 Not in release Not in release Not in release Not affected Not affected
llvm-toolchain-5.0 Not in release Not in release Not in release Not affected Not affected
llvm-toolchain-6.0 Not in release Not in release Not affected Not affected Not affected
llvm-toolchain-7 Not in release Not in release Not affected Not affected
llvm-toolchain-8 Not in release Not in release Not affected Not affected Not affected
llvm-toolchain-9 Not in release Not in release Not affected Not affected
Show all 21 packages Show less packages

CVE-2024-31852

Low priority
Needs evaluation

LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can...

15 affected packages

llvm-toolchain-10, llvm-toolchain-11, llvm-toolchain-12, llvm-toolchain-3.5, llvm-toolchain-3.6...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
llvm-toolchain-10 Not in release Not in release Needs evaluation Needs evaluation
llvm-toolchain-11 Not in release Needs evaluation Needs evaluation
llvm-toolchain-12 Not in release Needs evaluation Needs evaluation
llvm-toolchain-3.5 Not in release Not in release Not in release Needs evaluation
llvm-toolchain-3.6 Not in release Not in release Not in release Needs evaluation
llvm-toolchain-3.7 Not in release Not in release Not in release Needs evaluation Needs evaluation
llvm-toolchain-3.8 Not in release Not in release Not in release Needs evaluation
llvm-toolchain-3.9 Not in release Not in release Not in release Needs evaluation Needs evaluation
llvm-toolchain-4.0 Not in release Not in release Not in release Needs evaluation Needs evaluation
llvm-toolchain-5.0 Not in release Not in release Not in release Needs evaluation Needs evaluation
llvm-toolchain-6.0 Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
llvm-toolchain-7 Not in release Not in release Needs evaluation Needs evaluation
llvm-toolchain-8 Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
llvm-toolchain-9 Not in release Not in release Needs evaluation Needs evaluation
llvm-toolchain-snapshot Not in release Not in release Not in release
Show all 15 packages Show less packages

CVE-2023-46049

Medium priority
Not affected

** DISPUTED ** LLVM 15.0.0 has a NULL pointer dereference in the parseOneMetadata() function via a crafted pdflatex.fmt file (or perhaps a crafted .o file) to llvm-lto. NOTE: this is disputed because the relationship between...

14 affected packages

llvm-toolchain-10, llvm-toolchain-11, llvm-toolchain-12, llvm-toolchain-3.5, llvm-toolchain-3.6...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
llvm-toolchain-10 Not in release Not in release Not affected Not affected
llvm-toolchain-11 Not in release Not affected Not affected
llvm-toolchain-12 Not in release Not affected Not affected
llvm-toolchain-3.5 Not in release Not in release Not in release Not affected
llvm-toolchain-3.6 Not in release Not in release Not in release Not affected
llvm-toolchain-3.7 Not in release Not in release Not in release Not affected Not affected
llvm-toolchain-3.8 Not in release Not in release Not in release Not affected
llvm-toolchain-3.9 Not in release Not in release Not in release Not affected Not affected
llvm-toolchain-4.0 Not in release Not in release Not in release Not affected Not affected
llvm-toolchain-5.0 Not in release Not in release Not in release Not affected Not affected
llvm-toolchain-6.0 Not in release Not in release Not affected Not affected Not affected
llvm-toolchain-7 Not in release Not in release Not affected Not affected
llvm-toolchain-8 Not in release Not in release Not affected Not affected Not affected
llvm-toolchain-9 Not in release Not in release Not affected Not affected
Show all 14 packages Show less packages

CVE-2023-26924

Negligible priority
Ignored

** DISPUTED ** LLVM a0dab4950 has a segmentation fault in mlir::outlineSingleBlockRegion. NOTE: third parties dispute this because the LLVM security policy excludes "Language front-ends ... for which a malicious input file can...

18 affected packages

llvm, llvm-toolchain-10, llvm-toolchain-11, llvm-toolchain-12, llvm-toolchain-3.3...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
llvm Not in release Not in release Not in release Ignored
llvm-toolchain-10 Not in release Not affected Not affected Not in release
llvm-toolchain-11 Not affected Not affected Not in release Not in release
llvm-toolchain-12 Not affected Not affected Not in release Not in release
llvm-toolchain-3.3 Not in release Not in release Not in release Not in release
llvm-toolchain-3.4 Not in release Not in release Not in release Not in release
llvm-toolchain-3.5 Not in release Not in release Not in release Not affected
llvm-toolchain-3.6 Not in release Not in release Not in release Not affected
llvm-toolchain-3.7 Not in release Not in release Not affected Not affected
llvm-toolchain-3.8 Not in release Not in release Not in release Not affected
llvm-toolchain-3.9 Not in release Not in release Not affected Not affected
llvm-toolchain-4.0 Not in release Not in release Not affected Not affected
llvm-toolchain-5.0 Not in release Not in release Not affected Not affected
llvm-toolchain-6.0 Not in release Not affected Not affected Not affected
llvm-toolchain-7 Not in release Not affected Not affected Not in release
llvm-toolchain-8 Not in release Not affected Not affected Not affected
llvm-toolchain-9 Not in release Not affected Not affected Not in release
llvm-toolchain-snapshot Not in release Not in release Not in release Not in release Not in release
Show all 18 packages Show less packages

CVE-2020-0306

Low priority
Ignored

In LLVM, there is a possible ineffective stack cookie placement due to stack frame double reservation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...

4 affected packages

llvm-toolchain-10, llvm-toolchain-11, llvm-toolchain-8, llvm-toolchain-9

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
llvm-toolchain-10 Not in release Not in release Not affected Not affected Not in release
llvm-toolchain-11 Not in release Not affected Not affected Not in release Not in release
llvm-toolchain-8 Not in release Not in release Not affected Not affected Not affected
llvm-toolchain-9 Not in release Not in release Not affected Not affected Not in release
Show less packages