CVE-2021-4048: An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before…

CVE-2021-4048 [CRITICAL] CWE-125 GHSA-wgf2-cvhg-c384: An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3 An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.

CVE-2021-4048 [CRITICAL] CVE-2021-4048: An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3 An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.

CVE-2021-4048 [CRITICAL] Oracle Oracle Analytics Risk Matrix: Machine Learning (OpenBLAS) — CVE-2021-4048 Oracle Oracle Analytics Risk Matrix: Machine Learning (OpenBLAS) vulnerability CVE: CVE-2021-4048 CVSS: 9.1 Protocol: HTTP Remote exploit: Yes Affected versions: Network Advisory: cpuapr2023 (APR 2023)

CVE-2021-4048 [CRITICAL] CWE-125 An out-of-bounds read flaw was found in the CLARRV DLARRV SLARRV and ZLARRV functions in lapack through version 3.10.0 as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed t An out-of-bounds read flaw was found in the CLARRV DLARRV SLARRV and ZLARRV functions in lapack through version 3.10.0 as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 20

CVE-2021-4048 [CRITICAL] CWE-125 lapack: Out-of-bounds read in *larrv lapack: Out-of-bounds read in *larrv An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory. An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack and OpenBLAS. A specially crafted input passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory. Package: ceph (Red Hat Ceph Storage 2) - Will not fix Package: ceph (Red Hat Ceph Storage 3) - Will not fix Package: ceph (Red Hat Ceph Storage 4) - Will not fix Package: ceph (Red H

CVE-2021-4048 [CRITICAL] CVE-2021-4048: lapack - An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV f... An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory. Scope: local bookworm: resolved (fixed in 3.10.0-2) bullseye: open forky: resolved (fixed in 3.10.0-2) sid: resolved (fixed in 3.10.0-2) trixie: resolved (fixed in 3.10.0-2)