{"api_version":"1","generated_at":"2026-04-22T19:06:19+00:00","cve":"CVE-2021-4048","urls":{"html":"https://cve.report/CVE-2021-4048","api":"https://cve.report/api/cve/CVE-2021-4048.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-4048","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-4048"},"summary":{"title":"CVE-2021-4048","description":"An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2021-12-08 22:15:00","updated_at":"2023-11-07 03:40:00"},"problem_types":["CWE-125"],"metrics":[],"references":[{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QFEVOCUG2UXMVMFMTU4ONJVDEHY2LW2/","name":"FEDORA-2021-aec9d01057","refsource":"","tags":[],"title":"[SECURITY] Fedora 34 Update: lapack-3.9.0-7.fc34 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/JuliaLang/julia/issues/42415","name":"https://github.com/JuliaLang/julia/issues/42415","refsource":"MISC","tags":[],"title":"stegr! call segfault · Issue #42415 · JuliaLang/julia · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/xianyi/OpenBLAS/commit/337b65133df174796794871b3988cd03426e6d41","name":"https://github.com/xianyi/OpenBLAS/commit/337b65133df174796794871b3988cd03426e6d41","refsource":"MISC","tags":[],"title":"Fix out of bounds read in ?llarv (Reference-LAPACK PR 625) · xianyi/OpenBLAS@337b651 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DROZM4M2QRKSD6FBO4BHSV2QMIRJQPHT/","name":"FEDORA-2021-0d4b58060d","refsource":"","tags":[],"title":"[SECURITY] Fedora 35 Update: lapack-3.10.0-4.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/Reference-LAPACK/lapack/pull/625","name":"https://github.com/Reference-LAPACK/lapack/pull/625","refsource":"MISC","tags":[],"title":"Fix out of bounds read in slarrv by Keno · Pull Request #625 · Reference-LAPACK/lapack · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DROZM4M2QRKSD6FBO4BHSV2QMIRJQPHT/","name":"FEDORA-2021-0d4b58060d","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: lapack-3.10.0-4.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/Reference-LAPACK/lapack/commit/38f3eeee3108b18158409ca2a100e6fe03754781","name":"https://github.com/Reference-LAPACK/lapack/commit/38f3eeee3108b18158409ca2a100e6fe03754781","refsource":"MISC","tags":[],"title":"Merge pull request #625 from JuliaComputing/kf/slarrvbounds · Reference-LAPACK/lapack@38f3eee · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2024358","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2024358","refsource":"MISC","tags":[],"title":"2024358 – (CVE-2021-4048) CVE-2021-4048 lapack: Out-of-bounds read in *larrv","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QFEVOCUG2UXMVMFMTU4ONJVDEHY2LW2/","name":"FEDORA-2021-aec9d01057","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 34 Update: lapack-3.9.0-7.fc34 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/xianyi/OpenBLAS/commit/ddb0ff5353637bb5f5ad060c9620e334c143e3d7","name":"https://github.com/xianyi/OpenBLAS/commit/ddb0ff5353637bb5f5ad060c9620e334c143e3d7","refsource":"MISC","tags":[],"title":"Fix out of bounds read in ?llarv (Reference-LAPACK PR 625) · xianyi/OpenBLAS@ddb0ff5 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/xianyi/OpenBLAS/commit/fe497efa0510466fd93578aaf9da1ad8ed4edbe7","name":"https://github.com/xianyi/OpenBLAS/commit/fe497efa0510466fd93578aaf9da1ad8ed4edbe7","refsource":"MISC","tags":[],"title":"Fix out of bounds read in ?llarv (Reference-LAPACK PR 625) · xianyi/OpenBLAS@fe497ef · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/xianyi/OpenBLAS/commit/2be5ee3cca97a597f2ee2118808a2d5eacea050c","name":"https://github.com/xianyi/OpenBLAS/commit/2be5ee3cca97a597f2ee2118808a2d5eacea050c","refsource":"MISC","tags":[],"title":"Fix out of bounds read in ?llarv (Reference-LAPACK PR 625) · xianyi/OpenBLAS@2be5ee3 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-4048","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-4048","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"4048","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"34","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4048","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"35","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4048","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"julialang","cpe5":"julia","cpe6":"1.7.0","cpe7":"beta1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4048","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"julialang","cpe5":"julia","cpe6":"1.7.0","cpe7":"beta2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4048","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"julialang","cpe5":"julia","cpe6":"1.7.0","cpe7":"beta3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4048","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"julialang","cpe5":"julia","cpe6":"1.7.0","cpe7":"beta4","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4048","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"julialang","cpe5":"julia","cpe6":"1.7.0","cpe7":"rc1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4048","vulnerable":"1","versionEndIncluding":"1.6.3","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"julialang","cpe5":"julia","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4048","vulnerable":"1","versionEndIncluding":"3.10.0","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"lapack_project","cpe5":"lapack","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4048","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"openblas_project","cpe5":"openblas","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4048","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"ceph_storage","cpe6":"2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4048","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"ceph_storage","cpe6":"3.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4048","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"ceph_storage","cpe6":"4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4048","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"ceph_storage","cpe6":"5.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4048","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4048","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"openshift_container_storage","cpe6":"4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4048","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"openshift_data_foundation","cpe6":"4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2021-4048","qid":"160230","title":"Oracle Enterprise Linux Security Update for openblas (ELSA-2022-7639)"},{"cve":"CVE-2021-4048","qid":"184201","title":"Debian Security Update for lapackopenblas (CVE-2021-4048)"},{"cve":"CVE-2021-4048","qid":"20270","title":"Oracle Database 21c Critical Patch Update - October 2022"},{"cve":"CVE-2021-4048","qid":"240844","title":"Red Hat Update for openblas (RHSA-2022:7639)"},{"cve":"CVE-2021-4048","qid":"282174","title":"Fedora Security Update for lapack (FEDORA-2021-0d4b58060d)"},{"cve":"CVE-2021-4048","qid":"282175","title":"Fedora Security Update for lapack (FEDORA-2021-aec9d01057)"},{"cve":"CVE-2021-4048","qid":"354376","title":"Amazon Linux Security Advisory for lapack : ALAS2022-2022-173"},{"cve":"CVE-2021-4048","qid":"354484","title":"Amazon Linux Security Advisory for lapack : ALAS2022-2022-029"},{"cve":"CVE-2021-4048","qid":"357019","title":"Amazon Linux Security Advisory for openblas : ALAS2R4-2023-001"},{"cve":"CVE-2021-4048","qid":"671358","title":"EulerOS Security Update for lapack (EulerOS-SA-2022-1272)"},{"cve":"CVE-2021-4048","qid":"671363","title":"EulerOS Security Update for lapack (EulerOS-SA-2022-1299)"},{"cve":"CVE-2021-4048","qid":"671369","title":"EulerOS Security Update for openblas (EulerOS-SA-2022-1316)"},{"cve":"CVE-2021-4048","qid":"671385","title":"EulerOS Security Update for lapack (EulerOS-SA-2022-1315)"},{"cve":"CVE-2021-4048","qid":"671386","title":"EulerOS Security Update for openblas (EulerOS-SA-2022-1300)"},{"cve":"CVE-2021-4048","qid":"671499","title":"EulerOS Security Update for lapack (EulerOS-SA-2022-1476)"},{"cve":"CVE-2021-4048","qid":"671525","title":"EulerOS Security Update for lapack (EulerOS-SA-2022-1467)"},{"cve":"CVE-2021-4048","qid":"671530","title":"EulerOS Security Update for openblas (EulerOS-SA-2022-1469)"},{"cve":"CVE-2021-4048","qid":"671534","title":"EulerOS Security Update for openblas (EulerOS-SA-2022-1478)"},{"cve":"CVE-2021-4048","qid":"671690","title":"EulerOS Security Update for lapack (EulerOS-SA-2022-1736)"},{"cve":"CVE-2021-4048","qid":"751906","title":"SUSE Enterprise Linux Security Update for lapack (SUSE-SU-2022:0913-1)"},{"cve":"CVE-2021-4048","qid":"751914","title":"OpenSUSE Security Update for lapack (openSUSE-SU-2022:0915-1)"},{"cve":"CVE-2021-4048","qid":"751990","title":"SUSE Enterprise Linux Security Update for lapack (SUSE-SU-2022:0915-1)"},{"cve":"CVE-2021-4048","qid":"900340","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for lapack (6300)"},{"cve":"CVE-2021-4048","qid":"901171","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for lapack (6609-1)"},{"cve":"CVE-2021-4048","qid":"901980","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for openblas (7315)"},{"cve":"CVE-2021-4048","qid":"904153","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for openblas (7315-1)"},{"cve":"CVE-2021-4048","qid":"940752","title":"AlmaLinux Security Update for openblas (ALSA-2022:7639)"},{"cve":"CVE-2021-4048","qid":"960398","title":"Rocky Linux Security Update for openblas (RLSA-2022:7639)"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2021-4048","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"lapack","version":{"version_data":[{"version_value":"lapack through version 3.10.0"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-125"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://github.com/Reference-LAPACK/lapack/pull/625","url":"https://github.com/Reference-LAPACK/lapack/pull/625"},{"refsource":"MISC","name":"https://github.com/Reference-LAPACK/lapack/commit/38f3eeee3108b18158409ca2a100e6fe03754781","url":"https://github.com/Reference-LAPACK/lapack/commit/38f3eeee3108b18158409ca2a100e6fe03754781"},{"refsource":"MISC","name":"https://github.com/JuliaLang/julia/issues/42415","url":"https://github.com/JuliaLang/julia/issues/42415"},{"refsource":"MISC","name":"https://github.com/xianyi/OpenBLAS/commit/337b65133df174796794871b3988cd03426e6d41","url":"https://github.com/xianyi/OpenBLAS/commit/337b65133df174796794871b3988cd03426e6d41"},{"refsource":"MISC","name":"https://github.com/xianyi/OpenBLAS/commit/2be5ee3cca97a597f2ee2118808a2d5eacea050c","url":"https://github.com/xianyi/OpenBLAS/commit/2be5ee3cca97a597f2ee2118808a2d5eacea050c"},{"refsource":"MISC","name":"https://github.com/xianyi/OpenBLAS/commit/fe497efa0510466fd93578aaf9da1ad8ed4edbe7","url":"https://github.com/xianyi/OpenBLAS/commit/fe497efa0510466fd93578aaf9da1ad8ed4edbe7"},{"refsource":"MISC","name":"https://github.com/xianyi/OpenBLAS/commit/ddb0ff5353637bb5f5ad060c9620e334c143e3d7","url":"https://github.com/xianyi/OpenBLAS/commit/ddb0ff5353637bb5f5ad060c9620e334c143e3d7"},{"refsource":"FEDORA","name":"FEDORA-2021-0d4b58060d","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DROZM4M2QRKSD6FBO4BHSV2QMIRJQPHT/"},{"refsource":"FEDORA","name":"FEDORA-2021-aec9d01057","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QFEVOCUG2UXMVMFMTU4ONJVDEHY2LW2/"}]},"description":{"description_data":[{"lang":"eng","value":"An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory."}]}},"nvd":{"publishedDate":"2021-12-08 22:15:00","lastModifiedDate":"2023-11-07 03:40:00","problem_types":["CWE-125"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":9.1,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.9,"impactScore":5.2},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"PARTIAL","baseScore":6.4},"severity":"MEDIUM","exploitabilityScore":10,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:lapack_project:lapack:*:*:*:*:*:*:*:*","versionEndIncluding":"3.10.0","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:openblas_project:openblas:*:*:*:*:*:*:*:*","versionEndExcluding":"0.3.18","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:julialang:julia:1.7.0:rc1:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:julialang:julia:*:*:*:*:*:*:*:*","versionEndIncluding":"1.6.3","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:julialang:julia:1.7.0:beta1:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:julialang:julia:1.7.0:beta2:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:julialang:julia:1.7.0:beta3:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:julialang:julia:1.7.0:beta4:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:redhat:ceph_storage:2.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:redhat:ceph_storage:4.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:redhat:openshift_container_storage:4.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:redhat:openshift_data_foundation:4.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"4048","Ordinal":"222292","Title":"CVE-2021-4048","CVE":"CVE-2021-4048","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"4048","Ordinal":"1","NoteData":"An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"4048","Ordinal":"2","NoteData":"2021-12-08","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"4048","Ordinal":"3","NoteData":"2021-12-17","Type":"Other","Title":"Modified"}]}}}