CVE-2023-52307 — PaddlePaddle stack overflow in paddle.linalg.lu_unpack

Description

Stack overflow in paddle.linalg.lu_unpack in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.

To remediate CVE-2023-52307, upgrade the affected package to a fixed version below.

Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH8.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:L