CVE-2018-20541
- Source
- https://cve.org/CVERecord?id=CVE-2018-20541
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-20541.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2018-20541
- Downstream
- Published
- 2018-12-28T16:29:04.643Z
- Modified
- 2026-04-11T18:21:47.990561Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
There is a heap-based buffer overflow in libxsmmsparsecscreader at generatorspgemmcscreader.c in LIBXSMM 1.10, a different vulnerability than CVE-2018-20542 (which is in a different part of the source code and is seen at different addresses).
- Database specific
{ "unresolved_ranges": [ { "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "1.10" } ], "cpe": "cpe:2.3:a:libxsmm_project:libxsmm:1.10:*:*:*:*:*:*:*" } ] }- References
Affected packages
Git / github.com/hfp/libxsmm
Database specific
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-20541.json"
vanir_signatures_modified
"2026-04-11T18:21:47Z"
vanir_signatures
[
{
"source": "https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d",
"signature_type": "Function",
"signature_version": "v1",
"digest": {
"function_hash": "253237323125577349990588301710073922474",
"length": 2899.0
},
"target": {
"file": "src/generator_spgemm_csr_reader.c",
"function": "libxsmm_sparse_csr_reader"
},
"deprecated": false,
"id": "CVE-2018-20541-42082ee1"
},
{
"source": "https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d",
"signature_type": "Function",
"signature_version": "v1",
"digest": {
"function_hash": "257932478644569493591294152135594238066",
"length": 2305.0
},
"target": {
"file": "samples/edge/edge_proxy_common.c",
"function": "edge_sparse_csr_reader_double"
},
"deprecated": false,
"id": "CVE-2018-20541-44059b59"
},
{
"source": "https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d",
"signature_type": "Line",
"signature_version": "v1",
"digest": {
"line_hashes": [
"241923795223860916277411171048424946468",
"209110177833169472757848964198364002047",
"226469009479139064176779870339992460152",
"192626307265761018682685695128013722668",
"261546154635701793906232853738646677101",
"18508411805474619725990427461893891957",
"51501535861073324594083067657348697914",
"110807367558379506002077375399143442439",
"257165498594075926253907697244042964172"
],
"threshold": 0.9
},
"target": {
"file": "src/generator_spgemm_csr_reader.c"
},
"deprecated": false,
"id": "CVE-2018-20541-5066215b"
},
{
"source": "https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d",
"signature_type": "Line",
"signature_version": "v1",
"digest": {
"line_hashes": [
"241923795223860916277411171048424946468",
"209110177833169472757848964198364002047",
"54720283948260693235784795782894161382",
"159871792082033176477973504123091930777"
],
"threshold": 0.9
},
"target": {
"file": "samples/edge/edge_proxy_common.c"
},
"deprecated": false,
"id": "CVE-2018-20541-914a6527"
},
{
"source": "https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d",
"signature_type": "Line",
"signature_version": "v1",
"digest": {
"line_hashes": [
"241923795223860916277411171048424946468",
"209110177833169472757848964198364002047",
"54720283948260693235784795782894161382",
"217042301667030676819970089241851533120"
],
"threshold": 0.9
},
"target": {
"file": "samples/pyfr/pyfr_driver_asp_reg.c"
},
"deprecated": false,
"id": "CVE-2018-20541-956a0ae8"
},
{
"source": "https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d",
"signature_type": "Line",
"signature_version": "v1",
"digest": {
"line_hashes": [
"241923795223860916277411171048424946468",
"107558474951648408386904201689056226698",
"283203830907550038709210239009337494119",
"18022234622339816638805531357357536949",
"291840242035544412416174133096187863902",
"18508411805474619725990427461893891957",
"4969517896670101590188015537595354571",
"291749407274234609554627974998776176771",
"205777411820530140292049990175321492587",
"206743855182286230386096444765258334159"
],
"threshold": 0.9
},
"target": {
"file": "src/generator_spgemm_csc_reader.c"
},
"deprecated": false,
"id": "CVE-2018-20541-a58f01b5"
},
{
"source": "https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d",
"signature_type": "Function",
"signature_version": "v1",
"digest": {
"function_hash": "117423682803360476822542486759614065109",
"length": 2899.0
},
"target": {
"file": "src/generator_spgemm_csc_reader.c",
"function": "libxsmm_sparse_csc_reader"
},
"deprecated": false,
"id": "CVE-2018-20541-d0044958"
},
{
"source": "https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d",
"signature_type": "Function",
"signature_version": "v1",
"digest": {
"function_hash": "252726746632772907463537910857054546701",
"length": 2342.0
},
"target": {
"file": "samples/pyfr/pyfr_driver_asp_reg.c",
"function": "my_csr_reader"
},
"deprecated": false,
"id": "CVE-2018-20541-ee91e15d"
},
{
"source": "https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d",
"signature_type": "Function",
"signature_version": "v1",
"digest": {
"function_hash": "288578049635566099234369255849468353491",
"length": 2495.0
},
"target": {
"file": "samples/edge/common_edge_proxy.h",
"function": "libxsmm_sparse_csr_reader"
},
"deprecated": false,
"id": "CVE-2018-20541-f3f56076"
},
{
"source": "https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d",
"signature_type": "Line",
"signature_version": "v1",
"digest": {
"line_hashes": [
"241923795223860916277411171048424946468",
"209110177833169472757848964198364002047",
"54720283948260693235784795782894161382",
"217042301667030676819970089241851533120"
],
"threshold": 0.9
},
"target": {
"file": "samples/edge/common_edge_proxy.h"
},
"deprecated": false,
"id": "CVE-2018-20541-ffa602e8"
}
]