openSUSE-SU-2022:0915-1

Опубликовано: 21 мар. 2022

Источник: suse-cvrf

Описание

Security update for lapack

This update for lapack fixes the following issues:

CVE-2021-4048: Fixed an out of bounds read when user input was not validated properly (bsc#1193562).

Список пакетов

openSUSE Leap 15.3

blas-devel-3.5.0-4.6.1

blas-devel-32bit-3.5.0-4.6.1

blas-devel-static-3.5.0-4.6.1

blas-man-3.5.0-4.6.1

lapack-devel-3.5.0-4.6.1

lapack-devel-32bit-3.5.0-4.6.1

lapack-devel-static-3.5.0-4.6.1

lapack-man-3.5.0-4.6.1

lapacke-devel-3.5.0-4.6.1

lapacke-devel-32bit-3.5.0-4.6.1

lapacke-devel-static-3.5.0-4.6.1

libblas3-3.5.0-4.6.1

libblas3-32bit-3.5.0-4.6.1

liblapack3-3.5.0-4.6.1

liblapack3-32bit-3.5.0-4.6.1

liblapacke3-3.5.0-4.6.1

liblapacke3-32bit-3.5.0-4.6.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6Y4WJU3KSP5LSKZL7KZ3ZTSCG3EWFTGE/
E-Mail link for openSUSE-SU-2022:0915-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1193562
SUSE Bug 1193562
https://www.suse.com/security/cve/CVE-2021-4048/
SUSE CVE CVE-2021-4048 page

Описание

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.

Затронутые продукты

openSUSE Leap 15.3:blas-devel-3.5.0-4.6.1

openSUSE Leap 15.3:blas-devel-32bit-3.5.0-4.6.1

openSUSE Leap 15.3:blas-devel-static-3.5.0-4.6.1

openSUSE Leap 15.3:blas-man-3.5.0-4.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-4048.html
CVE-2021-4048
https://bugzilla.suse.com/1193562
SUSE Bug 1193562

openSUSE-SU-2022:0915-1

Описание

Список пакетов

openSUSE Leap 15.3

Ссылки

Уязвимость: CVE-2021-4048

Описание

Затронутые продукты

Ссылки