Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-17505

Опубликовано: 11 дек. 2017
Источник: debian

Описание

In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
hdf5fixed1.10.4+repack-1package
hdf5no-dsastretchpackage
hdf5no-dsajessiepackage
hdf5no-dsawheezypackage

Примечания

  • POC: https://github.com/xiaoqx/pocs/blob/master/hdf5/2-hdf5-null-pointer-H5O_pline_decode

  • https://github.com/xiaoqx/pocs/blob/master/hdf5/readme.md

  • https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/7e3f95679677db07a5cc606f5edfb723ea56d04e

Связанные уязвимости

ubuntu логотип

CVE-2017-17505

CVSS3: 6.5
ubuntu
около 8 лет назад

In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.

redhat логотип

CVE-2017-17505

CVSS3: 3.3
redhat
около 8 лет назад

In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.

nvd логотип

CVE-2017-17505

CVSS3: 6.5
nvd
около 8 лет назад

In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.

github логотип

GHSA-v33c-vr3g-mwh2

CVSS3: 6.5
github
больше 3 лет назад

In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.

suse-cvrf логотип

SUSE-SU-2022:1933-1

suse-cvrf
больше 3 лет назад

Security update for hdf5, suse-hpc