llvm/llvm-project

GitHub

github.com

llvm.org

Releases324

Frequency3 weeks 4 days

Last Release 22 days ago

Stars38.8K

The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-45056 ↗	Aug 29, 2024Thursday, 29 August 2024, 17:15	5.9 MEDIUM	—
zksolc is a Solidity compiler for ZKsync. All LLVM versions since 2015 fold `(xor (shl 1, x), -1)` to `(rotl ~1, x)` if run with optimizations enabled. Here `~1` is generated as an unsigned 64 bits number (`2^64-1`). This number is zero-extended to 256 bits on EraVM target while it should have been sign-extended. Thus instead of producing `roti 2^256 - 1, x` the compiler produces `rotl 2^64 - 1, x`. Analysis has shown that no contracts were affected by the date of publishing this advisory. This issue has been addressed in version 1.5.3. Users are advised to upgrade and redeploy all contracts. There are no known workarounds for this vulnerability.
CVE-2024-31852 ↗	Apr 5, 2024Friday, 5 April 2024, 15:15	5.9 MEDIUM	—
LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we don't have strong objections for a CVE to be created ... It does seem that the likelihood of this miscompile enabling an exploit remains very low, because the miscompile resulting in this JOP gadget is such that the function is most likely to crash on most valid inputs to the function. So, if this function is covered by any testing, the miscompile is most likely to be discovered before the binary is shipped to production."
CVE-2023-46049 ↗	Mar 27, 2024Wednesday, 27 March 2024, 06:15	5.3 MEDIUM	—
LLVM 15.0.0 has a NULL pointer dereference in the parseOneMetadata() function via a crafted pdflatex.fmt file (or perhaps a crafted .o file) to llvm-lto. NOTE: this is disputed because the relationship between pdflatex.fmt and any LLVM language front end is not explained, and because a crash of the llvm-lto application should be categorized as a usability problem.
CVE-2023-29932 ↗	May 5, 2023Friday, 5 May 2023, 15:15	5.5 MEDIUM	—
llvm-project commit fdbc55a5 was discovered to contain a segmentation fault via the component mlir::IROperand<mlir::OpOperand.
CVE-2023-29933 ↗	May 5, 2023Friday, 5 May 2023, 15:15	5.5 MEDIUM	—
llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument.
CVE-2023-29934 ↗	May 5, 2023Friday, 5 May 2023, 15:15	5.5 MEDIUM	—
llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect().
CVE-2023-29935 ↗	May 5, 2023Friday, 5 May 2023, 15:15	5.5 MEDIUM	—
llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && "operation was already replaced.
CVE-2023-29939 ↗	May 5, 2023Friday, 5 May 2023, 15:15	5.5 MEDIUM	—
llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::spirv::TargetEnv::TargetEnv(mlir::spirv::TargetEnvAttr).
CVE-2023-29941 ↗	May 5, 2023Friday, 5 May 2023, 15:15	5.5 MEDIUM	—
llvm-project commit a0138390 was discovered to contain a segmentation fault via the component matchAndRewriteSortOp<mlir::sparse_tensor::SortOp>(mlir::sparse_tensor::SortOp.
CVE-2023-29942 ↗	May 5, 2023Friday, 5 May 2023, 15:15	5.5 MEDIUM	—
llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isa<mlir::LLVM::LLVMVoidType.
CVE-2023-26924 ↗	Mar 27, 2023Monday, 27 March 2023, 22:15	5.5 MEDIUM	—
LLVM a0dab4950 has a segmentation fault in mlir::outlineSingleBlockRegion. NOTE: third parties dispute this because the LLVM security policy excludes "Language front-ends ... for which a malicious input file can cause undesirable behavior."