diff --git a/repos/base-nova/src/core/include/nova_util.h b/repos/base-nova/src/core/include/nova_util.h
index d8a03e3c5..ab6a7b261 100644
--- a/repos/base-nova/src/core/include/nova_util.h
+++ b/repos/base-nova/src/core/include/nova_util.h
@@ -164,6 +164,9 @@ inline int map_local(Genode::addr_t const pd, Nova::Utcb *utcb,
 if ((to_end - to_curr) < (1UL << order))
 order = log2(to_end - to_curr);
+ if (order >= sizeof(void *)*8)
+ return 1;
+
 int const res = map_local(pd, utcb,
 Mem_crd((from_curr >> 12), order - get_page_size_log2(), permission),
 Mem_crd((to_curr >> 12), order - get_page_size_log2(), permission),
diff --git a/repos/base-nova/src/lib/base/cap_map.cc b/repos/base-nova/src/lib/base/cap_map.cc
index 1f34c1cb8..2d761e045 100644
--- a/repos/base-nova/src/lib/base/cap_map.cc
+++ b/repos/base-nova/src/lib/base/cap_map.cc
@@ -178,6 +178,12 @@ void Capability_map::remove(Genode::addr_t const sel, uint8_t num_log_2,
 while (last_sel > last_range) {
 uint8_t left_log2 = log2(last_sel - last_range);
+ /* take care for a case which should not happen */
+ if (left_log2 >= sizeof(last_range)*8) {
+ error("cap remove error");
+ return;
+ }
+
 remove(last_range, left_log2, revoke);
 last_range += 1UL << left_log2;
diff --git a/repos/base-nova/src/lib/base/ipc.cc b/repos/base-nova/src/lib/base/ipc.cc
index cb1cf8636..5b86f9bdf 100644
--- a/repos/base-nova/src/lib/base/ipc.cc
+++ b/repos/base-nova/src/lib/base/ipc.cc
@@ -40,8 +40,17 @@ Rpc_exception_code Genode::ipc_call(Native_capability dst,
 if (rcv_caps != ~0UL) {
 /* calculate max order of caps to be received during reply */
- unsigned short log2_max = rcv_caps ? log2(rcv_caps) : 0;
- if ((1U << log2_max) < rcv_caps) log2_max ++;
+ unsigned short log2_max = 0;
+ if (rcv_caps) {
+ log2_max = log2(rcv_caps);
+
+ /* if this happens, the call is bogus and invalid */
+ if ((log2_max >= sizeof(rcv_caps) * 8))
+ throw Ipc_error();
+
+ if ((1UL << log2_max) < rcv_caps)
+ log2_max ++;
+ }
 rcv_window.rcv_wnd(log2_max);
 }
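Review bot: The new bound in nova_util.h is tested only after `(1UL << order)` has already been evaluated in the condition two lines above it, so it covers the `log2()` result but not an out-of-range `order` arriving from the code before the hunk. If that earlier value can be invalid too, the same test is needed ahead of the comparison. The bare `return 1;` also leaves no trace of why the mapping stopped; a comment such as `/* order is not a valid shift count (presumably log2() of an empty remainder) - give up instead of building a bogus Mem_crd */` would record the intent. The loop and the rest of map_local lie outside the hunk, so whether callers treat 1 as an error could not be checked here.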
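Review bot: The early `return` in Capability_map::remove() stops in the middle of the loop, so part of the selector range may already have been processed while the rest is left untouched, and the caller cannot notice because the function returns `void`. The log line `cap remove error` names neither the selector nor the range, which makes the event hard to trace; if `Hex` is available in this file, something like `error("cap remove error: range ", Hex(last_range), " last ", Hex(last_sel));` would help. Note also that `left_log2` is a `uint8_t`, so the test relies on an invalid `log2()` result still being at least the word size after truncation to 8 bits; a one-line comment should state that. The loop and the function continue outside the hunk.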
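Review bot: The range check on `log2_max` in ipc_call() runs before the round-up, so the value passed to `rcv_wnd()` can still be one larger than the value that was checked. For an `rcv_caps` above the highest power of two of its type (only `~0UL` is excluded by the outer `if`), `log2_max ++` yields exactly `sizeof(rcv_caps) * 8`. Testing after the increment closes that gap: place `if (log2_max >= sizeof(rcv_caps) * 8) throw Ipc_error();` directly before `rcv_window.rcv_wnd(log2_max);`. Whether `rcv_wnd()` enforces a tighter maximum order is not visible in this hunk; if it does not, the bound should be that maximum rather than the word size.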
diff --git a/repos/base/include/util/flex_iterator.h b/repos/base/include/util/flex_iterator.h
index e8613ae63..8b88a5499 100644
--- a/repos/base/include/util/flex_iterator.h
+++ b/repos/base/include/util/flex_iterator.h
@@ -106,6 +106,9 @@ class Genode::Flexpage_iterator
 order = (order == ~0UL) ? 12 : order;
 }
+ if (order >= sizeof(_offset) * 8)
+ return Flexpage();
+
 /* advance offset by current flexpage size */
 _offset += (1UL << order);
diff --git a/repos/base/src/core/region_map_component.cc b/repos/base/src/core/region_map_component.cc
index ad4db59ca..dfbd48b80 100644
--- a/repos/base/src/core/region_map_component.cc
+++ b/repos/base/src/core/region_map_component.cc
@@ -400,10 +400,13 @@ Region_map_component::attach(Dataspace_capability ds_cap, size_t size,
 * constraints.
 */
 size_t align_log2 = log2(size);
+ if (align_log2 >= sizeof(void *)*8)
+ align_log2 = get_page_size_log2();
+
 for (; align_log2 >= get_page_size_log2(); align_log2--) {
 /*
- * Don't use an aligment higher than the alignment of the backing
+ * Don't use an alignment higher than the alignment of the backing
 * store. The backing store would constrain the mapping size
 * anyway such that a higher alignment of the region is of no use.
 */
diff --git a/repos/os/src/init/utils.h b/repos/os/src/init/utils.h
index 22898c878..2c35166f7 100644
--- a/repos/os/src/init/utils.h
+++ b/repos/os/src/init/utils.h
@@ -185,7 +185,8 @@ namespace Init {
 {
 long const prio_levels = config.attribute_value("prio_levels", 0UL);
- if (prio_levels && (prio_levels != (1 << log2(prio_levels)))) {
+ if (prio_levels && ((prio_levels >= (long)sizeof(prio_levels)*8) ||
+ (prio_levels != (1L << log2(prio_levels))))) {
 warning("prio levels is not power of two, priorities are disabled");
 return Prio_levels { 0 };
 }
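Review bot: The early `return Flexpage();` in Flexpage_iterator needs a comment, because it leaves `_offset` unchanged and hands back a default-constructed flexpage. A caller presumably cannot tell that apart from the regular end of iteration, so an invalid order ends the walk silently with the remainder of the range unhandled. The line above already maps `~0UL` to 12, so it is also unclear which values are expected to reach the new test. Proposed comment above the check: `/* order is not a valid shift count - stop iterating rather than advance by a bogus size */`. The method starts and ends outside the hunk.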
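Review bot: Falling back to `get_page_size_log2()` when `log2(size)` is out of range lets attach() carry on with a `size` that was presumably invalid (such as 0) instead of rejecting the request. Whether `size` is validated before this point is not visible in the hunk; if it is not, the invalid size should be refused before the alignment search. If the fallback is intended, say so in a comment, for example `/* log2() gave no usable order for this size - try page alignment only */`. The bound is written as `sizeof(void *)*8` although the variable is a `size_t`; `sizeof(align_log2)*8` would match the form used in cap_map.cc and flex_iterator.h in this same commit.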
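Review bot: The added bound `prio_levels >= (long)sizeof(prio_levels)*8` compares the configured value itself with the bit width of `long`, not the `log2()` result that is used as the shift count. Where `long` is 64 bits, a power-of-two setting such as 64 or 128 now takes the "prio levels is not power of two" branch and priorities are disabled. A negative `prio_levels` (possible because the attribute is read with a `0UL` default into a `long`) still reaches `1L << log2(prio_levels)`. Assuming `log2()` returns the index of the highest set bit, rejecting negative values is enough to keep the shift in range: `if (prio_levels && ((prio_levels < 0) || (prio_levels != (1L << log2(prio_levels))))) {`. The enclosing function starts and ends outside the hunk.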