Sign extension error in the PPC64le FFI

Numeric arguments of FFI call on the PPC64le backend may result in incorrect runtime values. For the most part, this bug only causes availability and data integrity issues. However, in some circumstances, it may result in other, more complicated security related flaws, such as buffer overflow conditions.

Info

Published: March 20, 2025
Modified: March 20, 2025
CAPECs: < none >
CWEs: 194
Keywords: integrity, dos
Aliases: < none >
Related: < none >
References: [REPORT] https://gitlab.haskell.org/ghc/ghc/-/issues/23034; [FIX] https://gitlab.haskell.org/ghc/ghc/-/merge_requests/12885

Affected

`ghc`

CVSS: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
Versions: >=9.2.1 && <9.6.6; >=9.8.1 && <9.8.3; >=9.10.1
Declarations: < none >

HSEC-2024-0008

Sign extension error in the PPC64le FFI

Info

Affected

ghc

`ghc`