[From nobody Tue May 26 11:07:16 2026 Received: (at submit) by bugs.debian.org; 4 May 2024 16:09:07 +0000 X-Spam-Checker-Version: SpamAssassin 3.4.6-bugs.debian.org_2005_01_02 (2021-04-09) on buxtehude.debian.org X-Spam-Level: X-Spam-Status: No, score=-4.8 required=4.0 tests=BAYES_00, FOURLA, MD5_SHA1_SUM, RCVD_IN_DNSWL_MED,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6-bugs.debian.org_2005_01_02 X-Spam-Bayes: score:0.0000 Tokens: new, 7; hammy, 150; neutral, 65; spammy, 0. spammytokens: hammytokens:0.000-+--H*RU:inutil.org, 0.000-+--H*r:jmm, 0.000-+--UD:security-tracker.debian.org, 0.000-+--securitytrackerdebianorg, 0.000-+--security-tracker.debian.org Return-path: <jmm@inutil.org> Received: from inutil.org ([109.69.64.57]:58508 helo=viruvalge.hosting.plutex.de) by buxtehude.debian.org with esmtps (TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.94.2) (envelope-from <jmm@inutil.org>) id 1s3Hwf-00DU74-K8 for submit@bugs.debian.org; Sat, 04 May 2024 16:09:07 +0000 Received: by viruvalge.hosting.plutex.de (Postfix, from userid 112) id C33994030F; Sat, 4 May 2024 18:09:03 +0200 (CEST) Received: from hullmann.fritz.box (p548dc1a7.dip0.t-ipconnect.de [84.141.193.167]) by viruvalge.hosting.plutex.de (Postfix) with ESMTPSA id EC5EE40020 for <submit@bugs.debian.org>; Sat, 4 May 2024 18:09:02 +0200 (CEST) Received: from jmm by hullmann.fritz.box with local (Exim 4.97) (envelope-from <jmm@hullmann.westfalen.local>) id 1s3Hwd-000000005tc-1K67 for submit@bugs.debian.org; Sat, 04 May 2024 18:09:03 +0200 Date: Sat, 4 May 2024 18:09:03 +0200 To: submit@bugs.debian.org Subject: llvm-toolchain-14: CVE-2024-31852 Message-ID: <ZjZdnztYP2Ko01j_@pisco.westfalen.local> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline From: =?UTF-8?Q?Moritz_M=C3=BChlenhoff?= <jmm@inutil.org> Delivered-To: submit@bugs.debian.org Source: llvm-toolchain-14 X-Debbugs-CC: team@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for llvm-toolchain-14. CVE-2024-31852[0]: | LLVM before 18.1.3 generates code in which the LR register can be | overwritten without data being saved to the stack, and thus there | can sometimes be an exploitable error in the flow of control. This | affects the ARM backend and can be demonstrated with Clang. NOTE: | the vendor perspective is "we don't have strong objections for a CVE | to be created ... It does seem that the likelihood of this | miscompile enabling an exploit remains very low, because the | miscompile resulting in this JOP gadget is such that the function is | most likely to crash on most valid inputs to the function. So, if | this function is covered by any testing, the miscompile is most | likely to be discovered before the binary is shipped to production." https://github.com/llvm/llvm-project/issues/80287 https://bugs.chromium.org/p/llvm/issues/detail?id=69 https://github.com/llvmbot/llvm-project/commit/0e16af8e4cf3a66ad5d078d52744ae2776f9c4b2 If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2024-31852 https://www.cve.org/CVERecord?id=CVE-2024-31852 Please adjust the affected versions in the BTS as needed. ]