2025-03-27
ALT-BU-2025-4890-1
Branch sisyphus_riscv64 update bulletin.
Package lapack updated to version 3.8.0-alt8 for branch sisyphus_riscv64.
Closed vulnerabilities
Published: 2021-12-09
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2021-4048
An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.
Severity: CRITICAL (9.1)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
References:
- https://github.com/JuliaLang/julia/issues/42415
- https://github.com/JuliaLang/julia/issues/42415
- https://github.com/Reference-LAPACK/lapack/commit/38f3eeee3108b18158409ca2a100e6fe03754781
- https://github.com/Reference-LAPACK/lapack/commit/38f3eeee3108b18158409ca2a100e6fe03754781
- https://github.com/Reference-LAPACK/lapack/pull/625
- https://github.com/Reference-LAPACK/lapack/pull/625
- https://github.com/xianyi/OpenBLAS/commit/2be5ee3cca97a597f2ee2118808a2d5eacea050c
- https://github.com/xianyi/OpenBLAS/commit/2be5ee3cca97a597f2ee2118808a2d5eacea050c
- https://github.com/xianyi/OpenBLAS/commit/337b65133df174796794871b3988cd03426e6d41
- https://github.com/xianyi/OpenBLAS/commit/337b65133df174796794871b3988cd03426e6d41
- https://github.com/xianyi/OpenBLAS/commit/ddb0ff5353637bb5f5ad060c9620e334c143e3d7
- https://github.com/xianyi/OpenBLAS/commit/ddb0ff5353637bb5f5ad060c9620e334c143e3d7
- https://github.com/xianyi/OpenBLAS/commit/fe497efa0510466fd93578aaf9da1ad8ed4edbe7
- https://github.com/xianyi/OpenBLAS/commit/fe497efa0510466fd93578aaf9da1ad8ed4edbe7
- FEDORA-2021-aec9d01057
- FEDORA-2021-aec9d01057
- FEDORA-2021-0d4b58060d
- FEDORA-2021-0d4b58060d
Package waked updated to version 0.1.1-alt3 for branch sisyphus_riscv64.
Closed bugs
Миграция waked на sdbus-2.0
Package plasma-workspace updated to version 6.3.3-alt3 for branch sisyphus_riscv64.
Closed bugs
Дублирование кнопок уведомления