Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-17233

Опубликовано: 20 сент. 2018
Источник: debian

Описание

A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
hdf5fixed1.10.6+repack-2package
hdf5no-dsastretchpackage
hdf5ignoredjessiepackage

Примечания

  • https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln2#divided-by-zero---h5d__create_chunk_file_map_hyper_div_zero

  • https://jira.hdfgroup.org/browse/HDFFV-10577

  • fixed in 1.10.5, release notes: https://support.hdfgroup.org/ftp/HDF5/releases/hdf5-1.10/hdf5-1.10.5/src/hdf5-1.10.5-RELEASE.txt

  • https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/f891c38c6e724e9032a534512618b9650be76377

Связанные уязвимости

ubuntu логотип

CVE-2018-17233

CVSS3: 6.5
ubuntu
больше 7 лет назад

A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.

redhat логотип

CVE-2018-17233

CVSS3: 4.3
redhat
больше 7 лет назад

A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.

nvd логотип

CVE-2018-17233

CVSS3: 6.5
nvd
больше 7 лет назад

A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.

github логотип

GHSA-q4rw-j2j6-j8c5

CVSS3: 6.5
github
больше 3 лет назад

A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.

fstec логотип

BDU:2023-07610

CVSS3: 6.5
fstec
больше 7 лет назад

Уязвимость компонента H5Dchunk.c библиотеки обработки HDF файлов HDF5, позволяющая нарушителю вызвать отказ в обслуживании