Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-4048

Опубликовано: 08 дек. 2021
Источник: debian
EPSS Низкий

Описание

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
lapackfixed3.10.0-2package
lapackno-dsabullseyepackage
lapackno-dsabusterpackage
lapackno-dsastretchpackage
openblasfixed0.3.18+ds-1package
openblasno-dsabullseyepackage
openblasno-dsabusterpackage
openblasno-dsastretchpackage

Примечания

  • https://github.com/Reference-LAPACK/lapack/pull/625

  • https://github.com/Reference-LAPACK/lapack/commit/38f3eeee3108b18158409ca2a100e6fe03754781

  • https://github.com/JuliaLang/julia/issues/42415

  • OpenBLAS: https://github.com/xianyi/OpenBLAS/commit/337b65133df174796794871b3988cd03426e6d41 (v0.3.18)

  • OpenBLAS: https://github.com/xianyi/OpenBLAS/commit/2be5ee3cca97a597f2ee2118808a2d5eacea050c (v0.3.18)

  • OpenBLAS: https://github.com/xianyi/OpenBLAS/commit/fe497efa0510466fd93578aaf9da1ad8ed4edbe7 (v0.3.18)

  • OpenBLAS: https://github.com/xianyi/OpenBLAS/commit/ddb0ff5353637bb5f5ad060c9620e334c143e3d7 (v0.3.18)

EPSS

Процентиль: 47%
0.0024
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2021-4048

CVSS3: 9.1
ubuntu
больше 3 лет назад

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.

redhat логотип

CVE-2021-4048

CVSS3: 5.9
redhat
больше 3 лет назад

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.

nvd логотип

CVE-2021-4048

CVSS3: 9.1
nvd
больше 3 лет назад

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.

msrc логотип

CVE-2021-4048

CVSS3: 9.1
msrc
больше 3 лет назад

Описание отсутствует

suse-cvrf логотип

openSUSE-SU-2022:0915-1

suse-cvrf
около 3 лет назад

Security update for lapack

EPSS

Процентиль: 47%
0.0024
Низкий