USN-6258-1
- Source
- https://ubuntu.com/security/notices/USN-6258-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6258-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-6258-1
- Upstream
- Related
- Published
- 2023-07-27T07:48:23.556947Z
- Modified
- 2025-10-13T04:36:31Z
- Summary
- llvm-toolchain-13, llvm-toolchain-14, llvm-toolchain-15 vulnerabilities
- Details
-
It was discovered that LLVM Toolchain did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted MLIR file, an attacker could possibly use this issue to cause LLVM Toolchain to crash, resulting in a denial of service. (CVE-2023-29932, CVE-2023-29934, CVE-2023-29939)
It was discovered that LLVM Toolchain did not properly manage memory under certain circumstances. If a user were tricked into opening a specially
crafted MLIR file, an attacker could possibly use this issue to cause LLVM Toolchain to crash, resulting in a denial of service. This issue only affected llvm-toolchain-15. (CVE-2023-29933) - References
Affected packages
Ubuntu:22.04:LTS / llvm-toolchain-13
Package
- Name
- llvm-toolchain-13
- Purl
- pkg:deb/ubuntu/llvm-toolchain-13@1:13.0.1-2ubuntu2.2?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1:13.0.1-2ubuntu2.2
Affected versions
1:13.*
1:13.0.0-2
1:13.0.0-9
1:13.0.1-2ubuntu1
1:13.0.1-2ubuntu2
1:13.0.1-2ubuntu2.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "clang-13",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "clang-13-examples",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "clang-format-13",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "clang-tidy-13",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "clang-tools-13",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "clangd-13",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "libc++-13-dev",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "libc++1-13",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "libc++abi-13-dev",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "libc++abi1-13",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "libclang-13-dev",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "libclang-common-13-dev",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "libclang-cpp13",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "libclang-cpp13-dev",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "libclang1-13",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "libclc-13",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "libclc-13-dev",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "libfuzzer-13-dev",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "liblld-13",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "liblld-13-dev",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "liblldb-13",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "liblldb-13-dev",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "libllvm-13-ocaml-dev",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "libllvm13",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "libmlir-13",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "libmlir-13-dev",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "libomp-13-dev",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "libomp5-13",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "libunwind-13",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "libunwind-13-dev",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "lld-13",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "lldb-13",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "llvm-13",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "llvm-13-dev",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "llvm-13-examples",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "llvm-13-linker-tools",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "llvm-13-runtime",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "llvm-13-tools",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "mlir-13-tools",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "python3-clang-13",
"binary_version": "1:13.0.1-2ubuntu2.2"
},
{
"binary_name": "python3-lldb-13",
"binary_version": "1:13.0.1-2ubuntu2.2"
}
]
}
Database specific
cves_map
{
"cves": [
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2023-29932"
},
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2023-29933"
},
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2023-29934"
},
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2023-29939"
}
],
"ecosystem": "Ubuntu:22.04:LTS"
}
Ubuntu:22.04:LTS / llvm-toolchain-14
Package
- Name
- llvm-toolchain-14
- Purl
- pkg:deb/ubuntu/llvm-toolchain-14@1:14.0.0-1ubuntu1.1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1:14.0.0-1ubuntu1.1
Affected versions
1:14.*
1:14.0.0~+rc1-1
1:14.0.0~+rc1-1ubuntu4
1:14.0.0~+rc4-1ubuntu1
1:14.0.0-1ubuntu1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "clang-14",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "clang-14-examples",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "clang-format-14",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "clang-tidy-14",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "clang-tools-14",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "clangd-14",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "libc++-14-dev",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "libc++1-14",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "libc++abi-14-dev",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "libc++abi1-14",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "libclang-14-dev",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "libclang-common-14-dev",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "libclang-cpp14",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "libclang-cpp14-dev",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "libclang1-14",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "libclc-14",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "libclc-14-dev",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "libfuzzer-14-dev",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "liblld-14",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "liblld-14-dev",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "liblldb-14",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "liblldb-14-dev",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "libllvm-14-ocaml-dev",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "libllvm14",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "libmlir-14",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "libmlir-14-dev",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "libomp-14-dev",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "libomp5-14",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "libunwind-14",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "libunwind-14-dev",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "lld-14",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "lldb-14",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "llvm-14",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "llvm-14-dev",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "llvm-14-examples",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "llvm-14-linker-tools",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "llvm-14-runtime",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "llvm-14-tools",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "mlir-14-tools",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "python3-clang-14",
"binary_version": "1:14.0.0-1ubuntu1.1"
},
{
"binary_name": "python3-lldb-14",
"binary_version": "1:14.0.0-1ubuntu1.1"
}
]
}
Database specific
cves_map
{
"cves": [
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2023-29932"
},
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2023-29933"
},
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2023-29934"
},
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2023-29939"
}
],
"ecosystem": "Ubuntu:22.04:LTS"
}
Ubuntu:22.04:LTS / llvm-toolchain-15
Package
- Name
- llvm-toolchain-15
- Purl
- pkg:deb/ubuntu/llvm-toolchain-15@1:15.0.7-0ubuntu0.22.04.3?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1:15.0.7-0ubuntu0.22.04.3
Affected versions
1:15.*
1:15.0.6-3~ubuntu0.22.04.2
1:15.0.7-0ubuntu0.22.04.1
1:15.0.7-0ubuntu0.22.04.2
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "bolt-15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "clang-15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "clang-15-examples",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "clang-format-15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "clang-tidy-15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "clang-tools-15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "clangd-15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libbolt-15-dev",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libc++-15-dev",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libc++1-15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libc++abi-15-dev",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libc++abi1-15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libclang-15-dev",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libclang-common-15-dev",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libclang-cpp15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libclang-cpp15-dev",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libclang1-15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libclc-15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libclc-15-dev",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libfuzzer-15-dev",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "liblld-15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "liblld-15-dev",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "liblldb-15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "liblldb-15-dev",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libllvm-15-ocaml-dev",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libllvm15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libmlir-15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libmlir-15-dev",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libomp-15-dev",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libomp5-15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libunwind-15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "libunwind-15-dev",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "lld-15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "lldb-15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "llvm-15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "llvm-15-dev",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "llvm-15-examples",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "llvm-15-linker-tools",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "llvm-15-runtime",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "llvm-15-tools",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "mlir-15-tools",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "python3-clang-15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
},
{
"binary_name": "python3-lldb-15",
"binary_version": "1:15.0.7-0ubuntu0.22.04.3"
}
]
}
Database specific
cves_map
{
"cves": [
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2023-29932"
},
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2023-29933"
},
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2023-29934"
},
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2023-29939"
}
],
"ecosystem": "Ubuntu:22.04:LTS"
}