Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2021-4048

Опубликовано: 30 сент. 2021
Источник: redhat
CVSS3: 5.9
EPSS Низкий

Описание

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack and OpenBLAS. A specially crafted input passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Ceph Storage 2cephAffected
Red Hat Ceph Storage 3cephAffected
Red Hat Ceph Storage 4cephAffected
Red Hat Ceph Storage 5cephAffected
Red Hat Enterprise Linux 6lapackOut of support scope
Red Hat Enterprise Linux 7lapackOut of support scope
Red Hat Enterprise Linux 8lapackWill not fix
Red Hat Enterprise Linux 9lapackWill not fix
Red Hat Enterprise Linux 9openblasNot affected
Red Hat Openshift Container Storage 4ocs4/cephcsi-rhel8Affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=2024358lapack: Out-of-bounds read in *larrv

EPSS

Процентиль: 47%
0.0024
Низкий

5.9 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2021-4048

CVSS3: 9.1
ubuntu
около 4 лет назад

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.

nvd логотип

CVE-2021-4048

CVSS3: 9.1
nvd
около 4 лет назад

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.

msrc логотип

CVE-2021-4048

CVSS3: 9.1
msrc
около 4 лет назад

An out-of-bounds read flaw was found in the CLARRV DLARRV SLARRV and ZLARRV functions in lapack through version 3.10.0 as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.

debian логотип

CVE-2021-4048

CVSS3: 9.1
debian
около 4 лет назад

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, an ...

suse-cvrf логотип

openSUSE-SU-2022:0915-1

suse-cvrf
почти 4 года назад

Security update for lapack

EPSS

Процентиль: 47%
0.0024
Низкий

5.9 Medium

CVSS3