CVE-2018-20542

Опубликовано: 28 дек. 2018

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

There is a heap-based buffer-overflow at generator_spgemm_csc_reader.c (function libxsmm_sparse_csc_reader) in LIBXSMM 1.10, a different vulnerability than CVE-2018-20541 (which is in a different part of the source code and is seen at a different address).

Ссылки

https://bugzilla.redhat.com/show_bug.cgi?id=1652633
Exploit
Issue Tracking
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1652635
Exploit
Issue Tracking
Third Party Advisory
https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d
Patch
Third Party Advisory
https://github.com/hfp/libxsmm/issues/287
Exploit
Patch
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1652633
Exploit
Issue Tracking
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1652635
Exploit
Issue Tracking
Third Party Advisory
https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d
Patch
Third Party Advisory
https://github.com/hfp/libxsmm/issues/287
Exploit
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:libxsmm_project:libxsmm:1.10:*:*:*:*:*:*:*

EPSS

Процентиль: 63%

0.00455

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

CVE-2018-20542

CVSS3: 8.8

ubuntu

около 7 лет назад

CVE-2018-20542

CVSS3: 8.8

debian

около 7 лет назад

There is a heap-based buffer-overflow at generator_spgemm_csc_reader.c ...

GHSA-2w48-ph92-rq3j

CVSS3: 8.8

github

больше 3 лет назад

EPSS

Процентиль: 63%

0.00455

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-119