CVE-2021-4048

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.
Configurations

Configuration 1 (hide)

cpe:2.3:a:lapack_project:lapack:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:openblas_project:openblas:*:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:julialang:julia:*:*:*:*:*:*:*:*
cpe:2.3:a:julialang:julia:1.7.0:beta1:*:*:*:*:*:*
cpe:2.3:a:julialang:julia:1.7.0:beta2:*:*:*:*:*:*
cpe:2.3:a:julialang:julia:1.7.0:beta3:*:*:*:*:*:*
cpe:2.3:a:julialang:julia:1.7.0:beta4:*:*:*:*:*:*
cpe:2.3:a:julialang:julia:1.7.0:rc1:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:redhat:ceph_storage:2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ceph_storage:4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_storage:4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_data_foundation:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

History

07 Nov 2023, 03:40

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DROZM4M2QRKSD6FBO4BHSV2QMIRJQPHT/', 'name': 'FEDORA-2021-0d4b58060d', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QFEVOCUG2UXMVMFMTU4ONJVDEHY2LW2/', 'name': 'FEDORA-2021-aec9d01057', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QFEVOCUG2UXMVMFMTU4ONJVDEHY2LW2/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DROZM4M2QRKSD6FBO4BHSV2QMIRJQPHT/ -

Information

Published : 2021-12-08 22:15

Updated : 2024-02-28 18:48


NVD link : CVE-2021-4048

Mitre link : CVE-2021-4048

CVE.ORG link : CVE-2021-4048


JSON object : View

Products Affected

julialang

  • julia

redhat

  • enterprise_linux
  • ceph_storage
  • openshift_container_storage
  • openshift_data_foundation

lapack_project

  • lapack

openblas_project

  • openblas

fedoraproject

  • fedora
CWE
CWE-125

Out-of-bounds Read