An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.
Advisories
Source ID Title
EUVD EUVD EUVD-2021-33945 An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Sun, 13 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.0024}

epss

{'score': 0.00365}


cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2024-08-03T17:16:03.570Z

Reserved: 2021-12-02T00:00:00

Link: CVE-2021-4048

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-12-08T22:15:10.220

Modified: 2024-11-21T06:36:47.820

Link: CVE-2021-4048

cve-icon Redhat

Severity : Moderate

Publid Date: 2021-09-30T00:00:00Z

Links: CVE-2021-4048 - Bugzilla

cve-icon OpenCVE Enrichment

No data.