Segmentation Fault Vulnerability in LLVM's MLIR Component
CVE-2023-29934

5.5MEDIUM

Key Information:

Vendor: Llvm
Status: Llvm
Vendor: CVE Published:; 5 May 2023

What is CVE-2023-29934?

A vulnerability has been identified in the LLVM Project related to the mlir::Type::getDialect() component, which can lead to a segmentation fault. This flaw may be exploited under specific conditions, potentially allowing for unexpected behavior in applications utilizing this component. Users are advised to review their implementations of LLVM and consider applying any relevant patches or updates to mitigate potential effects.

References

https://github.com/llvm/llvm-project/issues/59136

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 5, 2023
Vulnerability Reserved
Apr 7, 2023

CVE-2023-29934 Data

JSON

Llvm

What is CVE-2023-29934?

References

CVSS V3.1

Timeline