Libxsmm Security Vulnerabilities - November
There is a heap-based buffer overflow in libxsmm_sparse_csc_reader at generator_spgemm_csc_reader.c in LIBXSMM 1.10, a different vulnerability than CVE-2018-20542 (which is in a different part of the source code and is seen at different addresses).
8.8CVSS
8.8AI Score
0.006EPSS
There is a heap-based buffer-overflow at generator_spgemm_csc_reader.c (function libxsmm_sparse_csc_reader) in LIBXSMM 1.10, a different vulnerability than CVE-2018-20541 (which is in a different part of the source code and is seen at a different address).
8.8CVSS
8.6AI Score
0.006EPSS
There is an attempted excessive memory allocation at libxsmm_sparse_csc_reader in generator_spgemm_csc_reader.c in LIBXSMM 1.10 that will cause a denial of service.
6.5CVSS
6.3AI Score
0.001EPSS
An issue was discovered in libxsmm through v1.16.1-93. A NULL pointer dereference exists in JIT code. It allows an attacker to cause Denial of Service.
6.5CVSS
6.3AI Score
0.001EPSS
An issue was discovered in libxsmm through v1.16.1-93. The JIT code has a heap-based buffer overflow.
8.8CVSS
8.8AI Score
0.002EPSS