Описание
Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| hdf5 | fixed | 1.10.6+repack-2 | package | |
| hdf5 | no-dsa | stretch | package | |
| hdf5 | ignored | jessie | package |
Примечания
https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln5#memory-leak-in-h5o_dtype_decode_helper
https://jira.hdfgroup.org/browse/HDFFV-10588
fixed in 1.10.5, release notes: https://support.hdfgroup.org/ftp/HDF5/releases/hdf5-1.10/hdf5-1.10.5/src/hdf5-1.10.5-RELEASE.txt
https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/02d03b4624122955ee3de635699a4e3880fea377
EPSS
Связанные уязвимости
Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
Уязвимость функции H5O_dtype_decode_helper() компонента H5Odtype.c библиотеки обработки HDF файлов HDF5, позволяющая нарушителю вызвать отказ в обслуживании
EPSS