The vulnerabilities of the functions CLARRV(), DLARRV(), SLARRV(), and ZLARRV() in the Linear Algebra Package Library LAPACK, as well as the Linear Algebra Package Library OpenBLAS, allow attackers to gain access to confidential data and cause service interruptions.

The vulnerability of the functions CLARRV, DLARRV, SLARRV, and ZLARRV in the LAPACK linear algebra library is related to reading data beyond the allowed buffer size limits. Exploiting this vulnerability can allow an attacker to gain access to confidential data, as well as cause service...

openblas security update

An update is available for openblas. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenBLAS is an optimized BLAS library based on GotoBLAS2 1.13 BSD version...

CVE-2021-4048

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose...