CVE-2021-4048
Published
CVSS v3
9.1
CRITICAL
CVSS v2
6.4
MEDIUM
Affected
3
PROJECTS
Description
An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.
OpenBLAS is an optimized BLAS library based on GotoBLAS2 1.13 BSD version.
GitHub