CVE-2024-31852Expected Behavior Violation in Llvm-toolchain-14

CWE-440Expected Behavior Violation6 documents6 sources
Severity
5.9MEDIUMNVD
EPSS
0.1%
top 71.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
27
Debian Llvm-toolchain-14Debian Llvm-toolchain-15Debian Llvm-toolchain-16+24 more
Timeline
PublishedApr 5
Latest updateApr 9

Description

LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we don't have strong objections for a CVE to be created ... It does seem that the likelihood of this miscompile enabling an exploit remains very low, because the miscompile resulting in this JOP gadget is suc

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages27 packages

debiandebian/llvm-toolchain-14< llvm-toolchain-18 1:18.1.3-1 (sid)
debiandebian/llvm-toolchain-15< llvm-toolchain-18 1:18.1.3-1 (sid)
debiandebian/llvm-toolchain-16< llvm-toolchain-18 1:18.1.3-1 (sid)
debiandebian/llvm-toolchain-17< llvm-toolchain-18 1:18.1.3-1 (sid)
debiandebian/llvm-toolchain-18< llvm-toolchain-18 1:18.1.3-1 (sid)

🔴Vulnerability Details

2
OSV
CVE-2024-31852: LLVM before 182024-04-05
GHSA
GHSA-gj98-2c7c-vmc4: LLVM before 182024-04-05

📋Vendor Advisories

3
Microsoft
LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack and thus there can sometimes be an exploitable error in the flow of control. This af2024-04-09
Red Hat
llvm: LR register can be overwritten without data being saved to the stack on ARM2024-04-05
Debian
CVE-2024-31852: llvm-toolchain-14 - LLVM before 18.1.3 generates code in which the LR register can be overwritten wi...2024
CVE-2024-31852 — Expected Behavior Violation | cvebase