Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-4048

Опубликовано: 08 дек. 2021
Источник: nvd
CVSS3: 9.1
CVSS2: 6.4
EPSS Низкий

Описание

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:lapack_project:lapack:*:*:*:*:*:*:*:*
Версия до 3.10.0 (включая)
Конфигурация 2
cpe:2.3:a:openblas_project:openblas:*:*:*:*:*:*:*:*
Версия до 0.3.18 (исключая)
Конфигурация 3

Одно из

cpe:2.3:a:julialang:julia:*:*:*:*:*:*:*:*
Версия до 1.6.3 (включая)
cpe:2.3:a:julialang:julia:1.7.0:beta1:*:*:*:*:*:*
cpe:2.3:a:julialang:julia:1.7.0:beta2:*:*:*:*:*:*
cpe:2.3:a:julialang:julia:1.7.0:beta3:*:*:*:*:*:*
cpe:2.3:a:julialang:julia:1.7.0:beta4:*:*:*:*:*:*
cpe:2.3:a:julialang:julia:1.7.0:rc1:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:a:redhat:ceph_storage:2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ceph_storage:4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_storage:4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_data_foundation:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
Конфигурация 5

Одно из

cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

EPSS

Процентиль: 47%
0.0024
Низкий

9.1 Critical

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

ubuntu логотип

CVE-2021-4048

CVSS3: 9.1
ubuntu
больше 3 лет назад

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.

redhat логотип

CVE-2021-4048

CVSS3: 5.9
redhat
больше 3 лет назад

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.

msrc логотип

CVE-2021-4048

CVSS3: 9.1
msrc
больше 3 лет назад

Описание отсутствует

debian логотип

CVE-2021-4048

CVSS3: 9.1
debian
больше 3 лет назад

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, an ...

suse-cvrf логотип

openSUSE-SU-2022:0915-1

suse-cvrf
около 3 лет назад

Security update for lapack

EPSS

Процентиль: 47%
0.0024
Низкий

9.1 Critical

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-125