Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-17508

Опубликовано: 11 дек. 2017
Источник: debian

Описание

In HDF5 1.10.1, there is a divide-by-zero vulnerability in the function H5T_set_loc in the H5T.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
hdf5fixed1.10.4+repack-1package
hdf5no-dsastretchpackage
hdf5no-dsajessiepackage
hdf5no-dsawheezypackage

Примечания

  • POC: https://github.com/xiaoqx/pocs/blob/master/hdf5/1-hdf5-divbyzero-H5T_set_loc

  • https://github.com/xiaoqx/pocs/blob/master/hdf5/readme.md

  • https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/0a7128c0d5bd035288be7b02ca9cf9bba321aadd

Связанные уязвимости

ubuntu логотип

CVE-2017-17508

CVSS3: 6.5
ubuntu
около 8 лет назад

In HDF5 1.10.1, there is a divide-by-zero vulnerability in the function H5T_set_loc in the H5T.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.

redhat логотип

CVE-2017-17508

CVSS3: 3.3
redhat
около 8 лет назад

In HDF5 1.10.1, there is a divide-by-zero vulnerability in the function H5T_set_loc in the H5T.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.

nvd логотип

CVE-2017-17508

CVSS3: 6.5
nvd
около 8 лет назад

In HDF5 1.10.1, there is a divide-by-zero vulnerability in the function H5T_set_loc in the H5T.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.

github логотип

GHSA-m7rj-c7xm-x4mp

CVSS3: 6.5
github
больше 3 лет назад

In HDF5 1.10.1, there is a divide-by-zero vulnerability in the function H5T_set_loc in the H5T.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.

suse-cvrf логотип

SUSE-SU-2022:1933-1

suse-cvrf
больше 3 лет назад

Security update for hdf5, suse-hpc