MSRC_CVE-2024-31852
Vulnerability from csaf_microsoft - Published: 2024-04-02 07:00 - Updated: 2025-07-11 00:00Summary
LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we don't have strong objections for a CVE to be created ... It does seem that the likelihood of this miscompile enabling an exploit remains very low because the miscompile resulting in this JOP gadget is such that the function is most likely to crash on most valid inputs to the function. So if this function is covered by any testing the miscompile is most likely to be discovered before the binary is shipped to production."
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2024-31852 LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is \"we don\u0027t have strong objections for a CVE to be created ... It does seem that the likelihood of this miscompile enabling an exploit remains very low because the miscompile resulting in this JOP gadget is such that the function is most likely to crash on most valid inputs to the function. So if this function is covered by any testing the miscompile is most likely to be discovered before the binary is shipped to production.\" - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-31852.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is \"we don\u0027t have strong objections for a CVE to be created ... It does seem that the likelihood of this miscompile enabling an exploit remains very low because the miscompile resulting in this JOP gadget is such that the function is most likely to crash on most valid inputs to the function. So if this function is covered by any testing the miscompile is most likely to be discovered before the binary is shipped to production.\"",
"tracking": {
"current_release_date": "2025-07-11T00:00:00.000Z",
"generator": {
"date": "2025-10-20T01:14:16.772Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2024-31852",
"initial_release_date": "2024-04-02T07:00:00.000Z",
"revision_history": [
{
"date": "2024-06-30T07:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2024-08-16T00:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Information published."
},
{
"date": "2024-08-18T00:00:00.000Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Information published."
},
{
"date": "2024-11-09T00:00:00.000Z",
"legacy_version": "1.3",
"number": "4",
"summary": "Added libcxx to Azure Linux 3.0\nAdded rust to Azure Linux 3.0\nAdded llvm to Azure Linux 3.0\nAdded rust to CBL-Mariner 2.0"
},
{
"date": "2024-12-07T00:00:00.000Z",
"legacy_version": "1.4",
"number": "5",
"summary": "Added rust to CBL-Mariner 2.0\nAdded libcxx to Azure Linux 3.0\nAdded llvm to Azure Linux 3.0\nAdded rust to Azure Linux 3.0"
},
{
"date": "2025-07-11T00:00:00.000Z",
"legacy_version": "2",
"number": "6",
"summary": "Added clang to Azure Linux 3.0\nAdded compiler-rt to Azure Linux 3.0\nAdded lld to Azure Linux 3.0\nAdded lldb to Azure Linux 3.0\nAdded libcxx to Azure Linux 3.0\nAdded llvm to Azure Linux 3.0\nAdded rust to Azure Linux 3.0\nAdded rust to CBL-Mariner 2.0"
}
],
"status": "final",
"version": "6"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 rust 1.72.0-8",
"product": {
"name": "\u003ccbl2 rust 1.72.0-8",
"product_id": "18"
}
},
{
"category": "product_version",
"name": "cbl2 rust 1.72.0-8",
"product": {
"name": "cbl2 rust 1.72.0-8",
"product_id": "17350"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 rust 1.75.0-9",
"product": {
"name": "\u003cazl3 rust 1.75.0-9",
"product_id": "13"
}
},
{
"category": "product_version",
"name": "azl3 rust 1.75.0-9",
"product": {
"name": "azl3 rust 1.75.0-9",
"product_id": "17620"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 rust 1.72.0-10",
"product": {
"name": "\u003ccbl2 rust 1.72.0-10",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "cbl2 rust 1.72.0-10",
"product": {
"name": "cbl2 rust 1.72.0-10",
"product_id": "19721"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 rust 1.75.0-14",
"product": {
"name": "\u003cazl3 rust 1.75.0-14",
"product_id": "6"
}
},
{
"category": "product_version",
"name": "azl3 rust 1.75.0-14",
"product": {
"name": "azl3 rust 1.75.0-14",
"product_id": "19671"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 rust 1.86.0-1",
"product": {
"name": "\u003cazl3 rust 1.86.0-1",
"product_id": "5"
}
},
{
"category": "product_version",
"name": "azl3 rust 1.86.0-1",
"product": {
"name": "azl3 rust 1.86.0-1",
"product_id": "19686"
}
}
],
"category": "product_name",
"name": "rust"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 clang16 16.0.0-1",
"product": {
"name": "\u003ccbl2 clang16 16.0.0-1",
"product_id": "17"
}
},
{
"category": "product_version",
"name": "cbl2 clang16 16.0.0-1",
"product": {
"name": "cbl2 clang16 16.0.0-1",
"product_id": "17366"
}
}
],
"category": "product_name",
"name": "clang16"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 libcxx 18.1.2-3",
"product": {
"name": "\u003cazl3 libcxx 18.1.2-3",
"product_id": "15"
}
},
{
"category": "product_version",
"name": "azl3 libcxx 18.1.2-3",
"product": {
"name": "azl3 libcxx 18.1.2-3",
"product_id": "17618"
}
}
],
"category": "product_name",
"name": "libcxx"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 compiler-rt 18.1.2-2",
"product": {
"name": "\u003cazl3 compiler-rt 18.1.2-2",
"product_id": "14"
}
},
{
"category": "product_version",
"name": "azl3 compiler-rt 18.1.2-2",
"product": {
"name": "azl3 compiler-rt 18.1.2-2",
"product_id": "17619"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 compiler-rt 18.1.2-3",
"product": {
"name": "\u003cazl3 compiler-rt 18.1.2-3",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "azl3 compiler-rt 18.1.2-3",
"product": {
"name": "azl3 compiler-rt 18.1.2-3",
"product_id": "20287"
}
}
],
"category": "product_name",
"name": "compiler-rt"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 clang 18.1.2-2",
"product": {
"name": "\u003cazl3 clang 18.1.2-2",
"product_id": "12"
}
},
{
"category": "product_version",
"name": "azl3 clang 18.1.2-2",
"product": {
"name": "azl3 clang 18.1.2-2",
"product_id": "17621"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 clang 18.1.2-4",
"product": {
"name": "\u003cazl3 clang 18.1.2-4",
"product_id": "16"
}
},
{
"category": "product_version",
"name": "azl3 clang 18.1.2-4",
"product": {
"name": "azl3 clang 18.1.2-4",
"product_id": "17549"
}
}
],
"category": "product_name",
"name": "clang"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 llvm 18.1.2-3",
"product": {
"name": "\u003cazl3 llvm 18.1.2-3",
"product_id": "11"
}
},
{
"category": "product_version",
"name": "azl3 llvm 18.1.2-3",
"product": {
"name": "azl3 llvm 18.1.2-3",
"product_id": "17622"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 llvm 18.1.2-4",
"product": {
"name": "\u003cazl3 llvm 18.1.2-4",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "azl3 llvm 18.1.2-4",
"product": {
"name": "azl3 llvm 18.1.2-4",
"product_id": "20285"
}
}
],
"category": "product_name",
"name": "llvm"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 lldb 18.1.2-2",
"product": {
"name": "\u003cazl3 lldb 18.1.2-2",
"product_id": "10"
}
},
{
"category": "product_version",
"name": "azl3 lldb 18.1.2-2",
"product": {
"name": "azl3 lldb 18.1.2-2",
"product_id": "17623"
}
}
],
"category": "product_name",
"name": "lldb"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 lld 18.1.2-2",
"product": {
"name": "\u003cazl3 lld 18.1.2-2",
"product_id": "9"
}
},
{
"category": "product_version",
"name": "azl3 lld 18.1.2-2",
"product": {
"name": "azl3 lld 18.1.2-2",
"product_id": "17624"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 lld 18.1.2-3",
"product": {
"name": "\u003cazl3 lld 18.1.2-3",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "azl3 lld 18.1.2-3",
"product": {
"name": "azl3 lld 18.1.2-3",
"product_id": "20281"
}
}
],
"category": "product_name",
"name": "lld"
},
{
"category": "product_name",
"name": "azl3 tensorflow 2.16.1-9",
"product": {
"name": "azl3 tensorflow 2.16.1-9",
"product_id": "8"
}
},
{
"category": "product_name",
"name": "cbl2 tensorflow 2.11.1-2",
"product": {
"name": "cbl2 tensorflow 2.11.1-2",
"product_id": "7"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 rust 1.72.0-8 as a component of CBL Mariner 2.0",
"product_id": "17086-18"
},
"product_reference": "18",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 rust 1.72.0-8 as a component of CBL Mariner 2.0",
"product_id": "17350-17086"
},
"product_reference": "17350",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 clang16 16.0.0-1 as a component of CBL Mariner 2.0",
"product_id": "17086-17"
},
"product_reference": "17",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 clang16 16.0.0-1 as a component of CBL Mariner 2.0",
"product_id": "17366-17086"
},
"product_reference": "17366",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 libcxx 18.1.2-3 as a component of Azure Linux 3.0",
"product_id": "17084-15"
},
"product_reference": "15",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 libcxx 18.1.2-3 as a component of Azure Linux 3.0",
"product_id": "17618-17084"
},
"product_reference": "17618",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 compiler-rt 18.1.2-2 as a component of Azure Linux 3.0",
"product_id": "17084-14"
},
"product_reference": "14",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 compiler-rt 18.1.2-2 as a component of Azure Linux 3.0",
"product_id": "17619-17084"
},
"product_reference": "17619",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 rust 1.75.0-9 as a component of Azure Linux 3.0",
"product_id": "17084-13"
},
"product_reference": "13",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 rust 1.75.0-9 as a component of Azure Linux 3.0",
"product_id": "17620-17084"
},
"product_reference": "17620",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 clang 18.1.2-2 as a component of Azure Linux 3.0",
"product_id": "17084-12"
},
"product_reference": "12",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 clang 18.1.2-2 as a component of Azure Linux 3.0",
"product_id": "17621-17084"
},
"product_reference": "17621",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 llvm 18.1.2-3 as a component of Azure Linux 3.0",
"product_id": "17084-11"
},
"product_reference": "11",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 llvm 18.1.2-3 as a component of Azure Linux 3.0",
"product_id": "17622-17084"
},
"product_reference": "17622",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 lldb 18.1.2-2 as a component of Azure Linux 3.0",
"product_id": "17084-10"
},
"product_reference": "10",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 lldb 18.1.2-2 as a component of Azure Linux 3.0",
"product_id": "17623-17084"
},
"product_reference": "17623",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 lld 18.1.2-2 as a component of Azure Linux 3.0",
"product_id": "17084-9"
},
"product_reference": "9",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 lld 18.1.2-2 as a component of Azure Linux 3.0",
"product_id": "17624-17084"
},
"product_reference": "17624",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 tensorflow 2.16.1-9 as a component of Azure Linux 3.0",
"product_id": "17084-8"
},
"product_reference": "8",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 rust 1.72.0-10 as a component of CBL Mariner 2.0",
"product_id": "17086-4"
},
"product_reference": "4",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 rust 1.72.0-10 as a component of CBL Mariner 2.0",
"product_id": "19721-17086"
},
"product_reference": "19721",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 lld 18.1.2-3 as a component of Azure Linux 3.0",
"product_id": "17084-3"
},
"product_reference": "3",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 lld 18.1.2-3 as a component of Azure Linux 3.0",
"product_id": "20281-17084"
},
"product_reference": "20281",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 llvm 18.1.2-4 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 llvm 18.1.2-4 as a component of Azure Linux 3.0",
"product_id": "20285-17084"
},
"product_reference": "20285",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 clang 18.1.2-4 as a component of Azure Linux 3.0",
"product_id": "17084-16"
},
"product_reference": "16",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 clang 18.1.2-4 as a component of Azure Linux 3.0",
"product_id": "17549-17084"
},
"product_reference": "17549",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 rust 1.75.0-14 as a component of Azure Linux 3.0",
"product_id": "17084-6"
},
"product_reference": "6",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 rust 1.75.0-14 as a component of Azure Linux 3.0",
"product_id": "19671-17084"
},
"product_reference": "19671",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 compiler-rt 18.1.2-3 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 compiler-rt 18.1.2-3 as a component of Azure Linux 3.0",
"product_id": "20287-17084"
},
"product_reference": "20287",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 tensorflow 2.11.1-2 as a component of CBL Mariner 2.0",
"product_id": "17086-7"
},
"product_reference": "7",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 rust 1.86.0-1 as a component of Azure Linux 3.0",
"product_id": "17084-5"
},
"product_reference": "5",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 rust 1.86.0-1 as a component of Azure Linux 3.0",
"product_id": "19686-17084"
},
"product_reference": "19686",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-31852",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"17084-8",
"17086-7"
]
}
],
"notes": [
{
"category": "general",
"text": "mitre",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"17350-17086",
"17366-17086",
"17618-17084",
"17619-17084",
"17620-17084",
"17621-17084",
"17622-17084",
"17623-17084",
"17624-17084",
"19721-17086",
"20281-17084",
"20285-17084",
"17549-17084",
"19671-17084",
"20287-17084",
"19686-17084"
],
"known_affected": [
"17086-18",
"17086-17",
"17084-15",
"17084-14",
"17084-13",
"17084-12",
"17084-11",
"17084-10",
"17084-9",
"17086-4",
"17084-3",
"17084-2",
"17084-16",
"17084-6",
"17084-1",
"17084-5"
],
"known_not_affected": [
"17084-8",
"17086-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-31852 LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is \"we don\u0027t have strong objections for a CVE to be created ... It does seem that the likelihood of this miscompile enabling an exploit remains very low because the miscompile resulting in this JOP gadget is such that the function is most likely to crash on most valid inputs to the function. So if this function is covered by any testing the miscompile is most likely to be discovered before the binary is shipped to production.\" - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-31852.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-30T07:00:00.000Z",
"details": "1.72.0-8:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-18",
"17086-4"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2024-06-30T07:00:00.000Z",
"details": "16.0.0-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-17"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2024-06-30T07:00:00.000Z",
"details": "18.1.2-3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-15",
"17084-11",
"17084-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2024-06-30T07:00:00.000Z",
"details": "18.1.2-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-14",
"17084-12",
"17084-10",
"17084-9"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2024-06-30T07:00:00.000Z",
"details": "1.75.0-9:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-13",
"17084-6"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2024-06-30T07:00:00.000Z",
"details": "Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-3",
"17084-16",
"17084-1",
"17084-5"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"17086-18",
"17086-17",
"17084-15",
"17084-14",
"17084-13",
"17084-12",
"17084-11",
"17084-10",
"17084-9",
"17086-4",
"17084-3",
"17084-2",
"17084-16",
"17084-6",
"17084-1",
"17084-5"
]
}
],
"title": "LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is \"we don\u0027t have strong objections for a CVE to be created ... It does seem that the likelihood of this miscompile enabling an exploit remains very low because the miscompile resulting in this JOP gadget is such that the function is most likely to crash on most valid inputs to the function. So if this function is covered by any testing the miscompile is most likely to be discovered before the binary is shipped to production.\""
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…