AZL-39758 CVE-2024-31852 affecting package llvm for versions less than 18.1.2-3

LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we...

CVE-2020-15945

Lua 5.4.0 fixed in 5.4.1 has a segmentation fault in changedline in ldebug.c e.g., when called by luaGtraceexec because it incorrectly expects that an oldpc value is always updated upon a return of the flow of control to a function...

Design/Logic Flaw

Lua through 5.4.0 has a segmentation fault in changedline in ldebug.c e.g., when called by luaGtraceexec because it incorrectly expects that an oldpc value is always updated upon a return of the flow of control to a function...

CVE-2018-18021

arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVMSETONREG ioctl. This is exploitable by attackers who can create virtual machines. An attacker can arbitrarily redirect the hypervisor flow of control with full register control. An attacker ca...