Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-2924

Опубликовано: 28 мар. 2025
Источник: debian

Описание

A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HL__fl_deserialize of the file src/H5HLcache.c. The manipulation of the argument free_block leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
hdf5unfixedpackage

Примечания

  • https://github.com/HDFGroup/hdf5/issues/5382

  • https://github.com/HDFGroup/hdf5/pull/5814

  • https://github.com/HDFGroup/hdf5/commit/0a57195ca67d278f1cf7d01566c121048e337a59

  • HDF not covered by security support, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117722

Связанные уязвимости

ubuntu логотип

CVE-2025-2924

CVSS3: 3.3
ubuntu
11 месяцев назад

A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HL__fl_deserialize of the file src/H5HLcache.c. The manipulation of the argument free_block leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.

redhat логотип

CVE-2025-2924

CVSS3: 3.3
redhat
11 месяцев назад

A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HL__fl_deserialize of the file src/H5HLcache.c. The manipulation of the argument free_block leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.

nvd логотип

CVE-2025-2924

CVSS3: 3.3
nvd
11 месяцев назад

A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HL__fl_deserialize of the file src/H5HLcache.c. The manipulation of the argument free_block leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.

msrc логотип

CVE-2025-2924

CVSS3: 3.3
msrc
5 месяцев назад

HDF5 H5HLcache.c H5HL__fl_deserialize heap-based overflow

github логотип

GHSA-fqw7-q4hr-f893

CVSS3: 3.3
github
11 месяцев назад

A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HL__fl_deserialize of the file src/H5HLcache.c. The manipulation of the argument free_block leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.