Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of developer machines or CI build environments.

...

OESA-2024-1975 orc security update

Orc is the sucessor to Liboil - The Library of Optimized Inner Loops. Orc is a library and set of tools for compiling and executing very simple programs that operate on arrays of data. The "language" is a generic assembly language that represents many of the features available in SIMD...

AZL-47122 CVE-2024-40897 affecting package orc for versions less than 0.4.39-2

Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of...

PT-2024-5876 · Orc +10 · Orc +10

Name of the Vulnerable Software and Affected Versions: ORC versions prior to 0.4.39 Description: A stack-based buffer overflow vulnerability exists in the orcparse.c file of the ORC compiler. If a developer is tricked into processing a specially crafted file with the affected ORC compiler,...