Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-6858

Опубликовано: 29 июн. 2025
Источник: redhat
CVSS3: 3.3
EPSS Низкий

Описание

A vulnerability was found in HDF5 1.14.6 and classified as problematic. Affected by this issue is the function H5C__flush_single_entry of the file src/H5Centry.c. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.

A flaw was found in hdf5. The H5C__flush_single_entry function contains a NULL pointer dereference triggered by the manipulation of data within a file. A local attacker can induce this condition. This issue can lead to a potential denial of service.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux AI (RHEL AI)hdf5Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-404
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=2375420hdf5: HDF5 Null Pointer Dereference

EPSS

Процентиль: 5%
0.00025
Низкий

3.3 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-6858

CVSS3: 3.3
ubuntu
около 1 месяца назад

A vulnerability was found in HDF5 1.14.6 and classified as problematic. Affected by this issue is the function H5C__flush_single_entry of the file src/H5Centry.c. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.

nvd логотип

CVE-2025-6858

CVSS3: 3.3
nvd
около 1 месяца назад

A vulnerability was found in HDF5 1.14.6 and classified as problematic. Affected by this issue is the function H5C__flush_single_entry of the file src/H5Centry.c. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.

debian логотип

CVE-2025-6858

CVSS3: 3.3
debian
около 1 месяца назад

A vulnerability was found in HDF5 1.14.6 and classified as problematic ...

github логотип

GHSA-8fpg-65fw-rjmf

CVSS3: 3.3
github
около 1 месяца назад

A vulnerability was found in HDF5 1.14.6 and classified as problematic. Affected by this issue is the function H5C__flush_single_entry of the file src/H5Centry.c. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.

EPSS

Процентиль: 5%
0.00025
Низкий

3.3 Low

CVSS3