CVE-2024-31852

MEDIUM | CVSS 5.9/10 | EPSS 0.99%

CVE-2024-31852 is a medium-severity vulnerability rated 5.9/10 on the CVSS scale. LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. EPSS estimates a 0.99% chance of exploitation in the next 30 days.

Description

LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we don't have strong objections for a CVE to be created ... It does seem that the likelihood of this miscompile enabling an exploit remains very low, because the miscompile resulting in this JOP gadget is such that the function is most likely to crash on most valid inputs to the function. So, if this function is covered by any testing, the miscompile is most likely to be discovered before the binary is shipped to production."

Metrics

CVSS 3.1
5.9/10

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Probability
0.99%

58.1th percentile

Probability of exploitation in the next 30 days.

References

Timeline

Published
Last Modified
Status: Deferred

Frequently Asked Questions

What is CVE-2024-31852?
LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we don't have strong objections for a CVE to be created ... It does seem that the likelihood of this miscompile enabling an exploit remains very low, because the miscompile resulting in this JOP gadget is such that the function is most likely to crash on most valid inputs to the function. So, if this function is covered by any testing, the miscompile is most likely to be discovered before the binary is shipped to production."
How severe is CVE-2024-31852?
CVE-2024-31852 has a CVSS score of 5.9/10 (MEDIUM severity). The EPSS model estimates a 0.99% probability of exploitation in the next 30 days.
How do I fix CVE-2024-31852?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Source: NVD / NIST