PT-2017-14817 · Hdf+2 · Hdf5+2

Publicado

2017-12-11

Atualizado

2025-03-18

CVE-2017-17506

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions HDF5 version 1.10.1

Description The issue is related to an out of bounds read in the H5Opline pline decode function in H5Opline.c within libhdf5.a. This can cause a crash, for example, when using h5dump to open a crafted HDF5 file.

Recommendations For HDF5 version 1.10.1, consider restricting access to the H5Opline pline decode function until a patch is available. As a temporary workaround, avoid using h5dump with untrusted HDF5 files. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

CVE-2017-17506

SUSE-SU-2022:1903-1

SUSE-SU-2022:1910-1

SUSE-SU-2022:1911-1

SUSE-SU-2022:1933-1

USN-4817-1

Produtos afetados

Hdf5

Suse

Ubuntu

PT-2017-14817 · Hdf+2 · Hdf5+2

CVE-2017-17506

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 96