LAYER: meta
PACKAGE NAME: llvm-native
PACKAGE VERSION: 18.1.5
CVE: CVE-2023-26924
CVE STATUS: Patched
CVE SUMMARY: LLVM a0dab4950 has a segmentation fault in mlir::outlineSingleBlockRegion. NOTE: third parties dispute this because the LLVM security policy excludes "Language front-ends ... for which a malicious input file can cause undesirable behavior."
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 5.5
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-26924

LAYER: meta
PACKAGE NAME: llvm-native
PACKAGE VERSION: 18.1.5
CVE: CVE-2023-29932
CVE STATUS: Patched
CVE SUMMARY: llvm-project commit fdbc55a5 was discovered to contain a segmentation fault via the component mlir::IROperand<mlir::OpOperand.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 5.5
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-29932

LAYER: meta
PACKAGE NAME: llvm-native
PACKAGE VERSION: 18.1.5
CVE: CVE-2023-29933
CVE STATUS: Patched
CVE SUMMARY: llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 5.5
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-29933

LAYER: meta
PACKAGE NAME: llvm-native
PACKAGE VERSION: 18.1.5
CVE: CVE-2023-29934
CVE STATUS: Patched
CVE SUMMARY: llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect().
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 5.5
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-29934

LAYER: meta
PACKAGE NAME: llvm-native
PACKAGE VERSION: 18.1.5
CVE: CVE-2023-29935
CVE STATUS: Patched
CVE SUMMARY: llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && "operation was already replaced.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 5.5
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-29935

LAYER: meta
PACKAGE NAME: llvm-native
PACKAGE VERSION: 18.1.5
CVE: CVE-2023-29939
CVE STATUS: Patched
CVE SUMMARY: llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::spirv::TargetEnv::TargetEnv(mlir::spirv::TargetEnvAttr).
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 5.5
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-29939

LAYER: meta
PACKAGE NAME: llvm-native
PACKAGE VERSION: 18.1.5
CVE: CVE-2023-29941
CVE STATUS: Patched
CVE SUMMARY: llvm-project commit a0138390 was discovered to contain a segmentation fault via the component matchAndRewriteSortOp<mlir::sparse_tensor::SortOp>(mlir::sparse_tensor::SortOp.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 5.5
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-29941

LAYER: meta
PACKAGE NAME: llvm-native
PACKAGE VERSION: 18.1.5
CVE: CVE-2023-29942
CVE STATUS: Patched
CVE SUMMARY: llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isa<mlir::LLVM::LLVMVoidType.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 5.5
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-29942