Vulnerabilities > CVE-2021-4048

047910
CVSS 9.1 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
HIGH

Summary

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.

Vulnerable Configurations

Part Description Count
Application
Lapack_Project
27
Application
Openblas_Project
53
Application
Julialang
112
Application
Redhat
6
OS
Redhat
1
OS
Fedoraproject
2

References