Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-2914

Опубликовано: 28 мар. 2025
Источник: redhat
CVSS3: 3.3

Описание

A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FS__sinfo_Srialize_Sct_cb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.

A flaw was found in HDF5. This vulnerability allows a heap-based buffer overflow via manipulating the sect argument in the H5FS__sinfo_Srialize_Sct_cb function of src/H5FScache.c.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux AI (RHEL AI)hdf5Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-119
Дефект:
CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=2355804hdf5: HDF5 H5FScache.c H5FS__sinfo_Srialize_Sct_cb heap-based overflow

3.3 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-2914

CVSS3: 3.3
ubuntu
6 месяцев назад

A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FS__sinfo_Srialize_Sct_cb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.

nvd логотип

CVE-2025-2914

CVSS3: 3.3
nvd
6 месяцев назад

A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FS__sinfo_Srialize_Sct_cb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.

debian логотип

CVE-2025-2914

CVSS3: 3.3
debian
6 месяцев назад

A vulnerability classified as problematic has been found in HDF5 up to ...

github логотип

GHSA-mpcj-9v9v-j2hw

CVSS3: 3.3
github
6 месяцев назад

A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FS__sinfo_Srialize_Sct_cb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.

3.3 Low

CVSS3