CVE-2023-29935Reachable Assertion in Llvm

CWE-617Reachable Assertion6 documents6 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 98.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
LlvmDebian Llvm-toolchain-13Debian Llvm-toolchain-14+3 more
Timeline
PublishedMay 5
Latest updateMay 9

Description

llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && "operation was already replaced.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages6 packages

NVDllvm/llvm2022-11-23

Patches

Patch: github.comPatch: github.comPatch: github.com

🔴Vulnerability Details

2
GHSA
GHSA-2wrh-j8p9-w4c5: llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements2023-05-05
OSV
CVE-2023-29935: llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements2023-05-05

📋Vendor Advisories

3
Microsoft
llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && "operation was already replaced.2023-05-09
Red Hat
llvm: gpu-to-llvm Pass crashed with error message2023-05-05
Debian
CVE-2023-29935: llvm-toolchain-13 - llvm-project commit a0138390 was discovered to contain an assertion failure at !...2023