Libsvm · CVE-2020-28975
**Name of the Vulnerable Software and Affected Versions**
Libsvm version v324
scikit-learn version 0.23.2
**Description**
The issue lies in the `svm_predict_values` function in `svm.cpp` of Libsvm, which can cause a denial of service (segmentation fault) when a crafted SVM model containing a large value in the `n_support` array is loaded. This can occur via pickle, json, or any other model persistence format. The scikit-learn vendor notes that this behavior can only occur if the library's API is violated by an application that changes a private attribute.
**Recommendations**
For Libsvm version v324, consider disabling the `svm_predict_values` function until a patch is available.
For scikit-learn version 0.23.2, avoid altering the `n_support` array consumed by the affected `svm_predict_values` function until the issue is resolved.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
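The Description and Recommendations above both come down to one invariant: the per-class counts in `n_support` must agree with the support vectors actually stored in the model. The following check, added here as an example and not code from Libsvm or scikit-learn, rejects a deserialized model whose `n_support_` is inconsistent before `predict()` can reach `svm_predict_values`. It assumes the fitted-attribute names of `sklearn.svm.SVC` (`n_support_`, `support_vectors_`, `dual_coef_`, `classes_`); the two models at the bottom are constructed stand-ins so the check runs without scikit-learn installed.

```python
from types import SimpleNamespace

def _rows(x):
    # Row count of a numpy/scipy array or a plain Python list.
    return x.shape[0] if hasattr(x, "shape") else len(x)

def _cols(x):
    # Column count of a numpy/scipy array or a plain list of rows.
    return x.shape[1] if hasattr(x, "shape") else (len(x[0]) if x else 0)

def validate_svc_model(model):
    """Return inconsistencies between n_support_ and the stored support
    vectors; an empty list means the model passes. Attribute names are
    those of a fitted sklearn.svm.SVC (assumed)."""
    problems = []
    n_support = [int(v) for v in model.n_support_]
    n_sv = _rows(model.support_vectors_)
    n_classes = len(model.classes_)
    if len(n_support) != n_classes:
        problems.append(f"n_support_ has {len(n_support)} entries, expected {n_classes}")
    if any(v < 0 for v in n_support):
        problems.append("n_support_ contains a negative count")
    # The CVE-2020-28975 condition: counts larger than the stored support
    # vectors make svm_predict_values read past the coefficient arrays.
    if sum(n_support) != n_sv:
        problems.append(f"n_support_ sums to {sum(n_support)} but {n_sv} SVs are stored")
    if _rows(model.dual_coef_) != n_classes - 1 or _cols(model.dual_coef_) != n_sv:
        problems.append("dual_coef_ shape is not (n_classes - 1, n_SV)")
    return problems

def safe_predict(model, X):
    """Refuse to call predict() on a deserialized model that fails the check."""
    problems = validate_svc_model(model)
    if problems:
        raise ValueError("untrusted SVM model rejected: " + "; ".join(problems))
    return model.predict(X)

# Constructed stand-ins (not real scikit-learn objects): two classes, three
# support vectors. CRAFTED_MODEL carries the oversized n_support_ entry.
GOOD_MODEL = SimpleNamespace(
    classes_=[0, 1], n_support_=[2, 1],
    support_vectors_=[[0.0, 1.0], [1.0, 0.0], [1.0, 1.0]],
    dual_coef_=[[0.5, -0.5, 0.1]], predict=lambda X: [0 for _ in X])
CRAFTED_MODEL = SimpleNamespace(
    classes_=[0, 1], n_support_=[2, 2**31 - 1],
    support_vectors_=GOOD_MODEL.support_vectors_,
    dual_coef_=GOOD_MODEL.dual_coef_, predict=GOOD_MODEL.predict)
```

Run the check on every model object that comes out of pickle or json loading, not only on models produced in-process, since the vendor's note makes clear that a fitted model altered outside the API is the only path to the crash.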