Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-2913

Опубликовано: 28 мар. 2025
Источник: redhat
CVSS3: 3.3

Описание

A vulnerability was found in HDF5 up to 1.14.6. It has been rated as critical. Affected by this issue is the function H5FL__blk_gc_list of the file src/H5FL.c. The manipulation of the argument H5FL_blk_head_t leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

A flaw was found in HDF5. This vulnerability allows use-after-free via manipulating the argument H5FL_blk_head_t in the function H5FL__blk_gc_list.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux AI (RHEL AI)hdf5Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-119
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=2355803hdf5: HDF5 H5FL.c H5FL__blk_gc_list use after free

3.3 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-2913

CVSS3: 3.3
ubuntu
6 месяцев назад

A vulnerability was found in HDF5 up to 1.14.6. It has been rated as critical. Affected by this issue is the function H5FL__blk_gc_list of the file src/H5FL.c. The manipulation of the argument H5FL_blk_head_t leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

nvd логотип

CVE-2025-2913

CVSS3: 3.3
nvd
6 месяцев назад

A vulnerability was found in HDF5 up to 1.14.6. It has been rated as critical. Affected by this issue is the function H5FL__blk_gc_list of the file src/H5FL.c. The manipulation of the argument H5FL_blk_head_t leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

debian логотип

CVE-2025-2913

CVSS3: 3.3
debian
6 месяцев назад

A vulnerability was found in HDF5 up to 1.14.6. It has been rated as c ...

github логотип

GHSA-v5x4-36wq-jqfc

CVSS3: 3.3
github
6 месяцев назад

A vulnerability was found in HDF5 up to 1.14.6. It has been rated as problematic. Affected by this issue is the function H5FL__blk_gc_list of the file src/H5FL.c. The manipulation of the argument H5FL_blk_head_t leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

3.3 Low

CVSS3