Vulnerability Details CVE-2018-20541
There is a heap-based buffer overflow in libxsmm_sparse_csc_reader at generator_spgemm_csc_reader.c in LIBXSMM 1.10, a different vulnerability than CVE-2018-20542 (which is in a different part of the source code and is seen at different addresses).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.8%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1652632
- https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d
- https://github.com/hfp/libxsmm/issues/287
- https://bugzilla.redhat.com/show_bug.cgi?id=1652632
- https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d
- https://github.com/hfp/libxsmm/issues/287
Products affected by CVE-2018-20541
-
cpe:2.3:a:libxsmm_project:libxsmm:1.10