Sign extension error in the AArch64 NCG
Arithmetic operations may result in incorrect runtime results on the native aarch64 backend. For the most part, this bug only causes availability and data integrity issues. However, in some circumstances, it may result in other, more complicated security related flaws, such as buffer overflow conditions.
Info
- Published
- March 20, 2025
- Modified
- March 20, 2025
- CAPECs
- < none >
- CWEs
- 194
- Keywords
- integrity, dos, historical
- Aliases
- < none >
- Related
- < none >
- References
- [REPORT] https://gitlab.haskell.org/ghc/ghc/-/issues/22282
- [FIX] https://gitlab.haskell.org/ghc/ghc/-/merge_requests/9152
- [FIX] https://gitlab.haskell.org/ghc/ghc/-/merge_requests/9139
Affected
ghc
- CVSS
- CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
- Versions
>=9.2.4 && <9.2.5>=9.4.2 && <9.4.3- Declarations
- < none >