CVE-2018-20541
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-20541
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-20541.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2018-20541
- Downstream
- Published
- 2018-12-28T16:29:04Z
- Modified
- 2025-10-13T04:35:10Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
There is a heap-based buffer overflow in libxsmmsparsecscreader at generatorspgemmcscreader.c in LIBXSMM 1.10, a different vulnerability than CVE-2018-20542 (which is in a different part of the source code and is seen at different addresses).
- References
Affected packages
Git / github.com/hfp/libxsmm
Affected ranges
- Type
- GIT
- Repo
- https://github.com/hfp/libxsmm
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Database specific
{
"vanir_signatures": [
{
"signature_type": "Function",
"source": "https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d",
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "253237323125577349990588301710073922474",
"length": 2899.0
},
"id": "CVE-2018-20541-42082ee1",
"target": {
"function": "libxsmm_sparse_csr_reader",
"file": "src/generator_spgemm_csr_reader.c"
}
},
{
"signature_type": "Function",
"source": "https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d",
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "257932478644569493591294152135594238066",
"length": 2305.0
},
"id": "CVE-2018-20541-44059b59",
"target": {
"function": "edge_sparse_csr_reader_double",
"file": "samples/edge/edge_proxy_common.c"
}
},
{
"signature_type": "Line",
"source": "https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d",
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"241923795223860916277411171048424946468",
"209110177833169472757848964198364002047",
"226469009479139064176779870339992460152",
"192626307265761018682685695128013722668",
"261546154635701793906232853738646677101",
"18508411805474619725990427461893891957",
"51501535861073324594083067657348697914",
"110807367558379506002077375399143442439",
"257165498594075926253907697244042964172"
]
},
"id": "CVE-2018-20541-5066215b",
"target": {
"file": "src/generator_spgemm_csr_reader.c"
}
},
{
"signature_type": "Line",
"source": "https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d",
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"241923795223860916277411171048424946468",
"209110177833169472757848964198364002047",
"54720283948260693235784795782894161382",
"159871792082033176477973504123091930777"
]
},
"id": "CVE-2018-20541-914a6527",
"target": {
"file": "samples/edge/edge_proxy_common.c"
}
},
{
"signature_type": "Line",
"source": "https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d",
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"241923795223860916277411171048424946468",
"209110177833169472757848964198364002047",
"54720283948260693235784795782894161382",
"217042301667030676819970089241851533120"
]
},
"id": "CVE-2018-20541-956a0ae8",
"target": {
"file": "samples/pyfr/pyfr_driver_asp_reg.c"
}
},
{
"signature_type": "Line",
"source": "https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d",
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"241923795223860916277411171048424946468",
"107558474951648408386904201689056226698",
"283203830907550038709210239009337494119",
"18022234622339816638805531357357536949",
"291840242035544412416174133096187863902",
"18508411805474619725990427461893891957",
"4969517896670101590188015537595354571",
"291749407274234609554627974998776176771",
"205777411820530140292049990175321492587",
"206743855182286230386096444765258334159"
]
},
"id": "CVE-2018-20541-a58f01b5",
"target": {
"file": "src/generator_spgemm_csc_reader.c"
}
},
{
"signature_type": "Function",
"source": "https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d",
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "117423682803360476822542486759614065109",
"length": 2899.0
},
"id": "CVE-2018-20541-d0044958",
"target": {
"function": "libxsmm_sparse_csc_reader",
"file": "src/generator_spgemm_csc_reader.c"
}
},
{
"signature_type": "Function",
"source": "https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d",
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "252726746632772907463537910857054546701",
"length": 2342.0
},
"id": "CVE-2018-20541-ee91e15d",
"target": {
"function": "my_csr_reader",
"file": "samples/pyfr/pyfr_driver_asp_reg.c"
}
},
{
"signature_type": "Function",
"source": "https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d",
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "288578049635566099234369255849468353491",
"length": 2495.0
},
"id": "CVE-2018-20541-f3f56076",
"target": {
"function": "libxsmm_sparse_csr_reader",
"file": "samples/edge/common_edge_proxy.h"
}
},
{
"signature_type": "Line",
"source": "https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d",
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"241923795223860916277411171048424946468",
"209110177833169472757848964198364002047",
"54720283948260693235784795782894161382",
"217042301667030676819970089241851533120"
]
},
"id": "CVE-2018-20541-ffa602e8",
"target": {
"file": "samples/edge/common_edge_proxy.h"
}
}
]
}