Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-7068

Опубликовано: 04 июл. 2025
Источник: redhat
CVSS3: 3.3
EPSS Низкий

Описание

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FL__malloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.

A flaw was found in HDF5. The H5FL__malloc function in src/H5FL.c exhibits a memory leak due to improper memory management, requiring local attacker access. This manipulation results in a resource exhaustion condition. Consequently, an application-level denial of service may occur.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux AI (RHEL AI)hdf5Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-401
Дефект:
CWE-404
https://bugzilla.redhat.com/show_bug.cgi?id=2376477hdf5: HDF5 Memory Leak Vulnerability

EPSS

Процентиль: 9%
0.00034
Низкий

3.3 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-7068

CVSS3: 3.3
ubuntu
3 месяца назад

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FL__malloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.

nvd логотип

CVE-2025-7068

CVSS3: 3.3
nvd
3 месяца назад

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FL__malloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.

debian логотип

CVE-2025-7068

CVSS3: 3.3
debian
3 месяца назад

A vulnerability, which was classified as problematic, has been found i ...

github логотип

GHSA-v8w5-gvph-x6f3

CVSS3: 3.3
github
3 месяца назад

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FL__malloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.

fstec логотип

BDU:2025-08163

CVSS3: 3.3
fstec
4 месяца назад

Уязвимость функции H5FL__malloc() (src/H5FL.c) библиотеки HDF5, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 9%
0.00034
Низкий

3.3 Low

CVSS3