To report security issues in LLVM components of Arm Toolchain, please follow LLVM Project security policy.
To report security issues in any other components of Arm Toolchain, please use the Report a vulnerability feature under the Security tab.
Please refer to What is considered a security issue? in LLVM Project for an overview of which toolchain components are considered security-sensitive.
The
picolibc
andnewlib
standard C libraries are not part of thellvm-project
, however Arm Toolchain treats these in the same way as thellvm-project
runtime libraries.