There is a heap-based buffer-overflow at generator_spgemm_csc_reader.c (function libxsmm_sparse_csc_reader) in LIBXSMM 1.10, a different vulnerability than CVE-2018-20541 (which is in a different part of the source code and is seen at a different address).
https://github.com/hfp/libxsmm/issues/287
https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d