PT-2025-12387 — Hackage Base

PT-2025-12387 · Hackage · Base

Published

2025-03-20

Updated

2025-11-14

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

`fromIntegral`: conversion error

fromIntegral may result in coercion errors when used with optimization flags -O1 or -O2 in the following situation:

Converting negative Int to Natural does not throw an arithmetic underflow error
Converting large Integer greater than 2^64 to Natural overflow.

For the most part, these errors in and of themselves result only in availability and data integrity issues. However, in some circumstances, they may result in other, more complicated security related flaws, such as buffer overflow conditions.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

HSEC-2024-0006

Affected Products

Base