llvm-toolset:rhel8 bug fix and enhancement update

An update is available for llvm-compat, lld, compiler-rt, module.lld, lldb, python-lit, module.python-lit, module.lldb, llvm, libomp, module.compiler-rt, clang, module.libomp, module.llvm-compat, module.llvm, module.clang. This update affects Rocky Linux 8. A Common Vulnerability Scoring System...

CVE-2024-25050

IBM i 7.2, 7.3, 7.4, 7.5 and IBM Rational Development Studio for i 7.2, 7.3, 7.4, 7.5 networking and compiler infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator...

CVE-2024-25050 IBM i privilege escalation

IBM i 7.2, 7.3, 7.4, 7.5 and IBM Rational Development Studio for i 7.2, 7.3, 7.4, 7.5 networking and compiler infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator...

Security Bulletin: IBM Rational Development Studio for i is vulnerable to a local privilege escalation due to an unqualified library call in compiler infrastructure [CVE-2024-25050]

Summary IBM i product IBM Rational Development Studio for i is vulnerable to a user gaining elevated privilege due to a CL command being called without library qualification in compiler infrastructure as described in the vulnerability details section. This bulletin identifies the steps to take to...

Security Bulletin: IBM i is vulnerable to a local privilege escalation due to an unqualified library call in networking and compiler infrastructure [CVE-2024-25050]

Summary IBM i is vulnerable to a user gaining elevated privilege due to a CL command being called without library qualification in networking and compiler infrastructure as described in the vulnerability details section. This bulletin identifies the steps to take to address the vulnerability as...

Fedora: Security Advisory (FEDORA-2023-67f0f8d186)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: mlir-17.0.2-1.fc39

The MLIR project is a novel approach to building reusable and extensible compiler infrastructure. MLIR aims to address software fragmentation, improve compilation for heterogeneous hardware, significantly reduce the cost of building domain specific compilers, and aid in connecting existing...

Binaryen Denial of Service Vulnerability

Binaryen is a compiler infrastructure and toolchain library for WebAssembly written in C++. Binaryen suffers from a denial of service vulnerability in version 104, which stems from an assertion abort in the software wasm::WasmBinaryBuilder::VisitRetrow, that can be exploited by an attacker to cau...

Binaryen Denial of Service Vulnerability

Binaryen is a compiler infrastructure and toolchain library for WebAssembly written in C. A security vulnerability exists in Binaryen version 104, which stems from an assertion abort in wasm::WasmBinaryBuilder::readFunctions in the software, and could be exploited by an attacker to cause a denial...

Binaryen Stack Buffer Overflow Vulnerability

Binaryen is a compiler infrastructure and toolchain library for WebAssembly written in C++. Binaryen has a stack buffer overflow vulnerability in version 103, which originates when the software printf public function performs an operation in memory, and can be exploited by an attacker to cause...

llvm-toolset:rhel8 bug fix and enhancement update

LLVM Toolset provides the LLVM compiler infrastructure framework, the Clang compiler for the C and C++ languages, the LLDB debugger, and related tools for code analysis. For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section. For...

Experts Weigh In On Spectre Patch Challenges

The race to patch against the Meltdown and Spectre processor vulnerabilities disclosed last week is on. As of today, there are no known exploits in the wild impacting vulnerable Intel, AMD and ARM devices. Currently, vendors are focused on three main mitigation efforts. Patches that address the...