PT-2018-14027 · Hdf+2 · Hdf5+2

Publicado

2018-09-24

Atualizado

2023-12-29

CVE-2018-17436

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions HDF5 library versions prior to 1.10.4

Description The issue allows attackers to cause a denial of service via a crafted HDF5 file, specifically through the ReadCode() function in decompress.c. This was discovered when converting a GIF file to an HDF file, resulting in invalid write access.

Recommendations For versions prior to 1.10.4, update to version 1.10.4 or later to resolve the issue.

Exploit

Correção

DoS

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

CVE-2018-17436

ECHO-E8C4-F7E3-A4FC

OESA-2023-1985

OESA-2023-1986

OESA-2023-1987

OESA-2023-1988

OESA-2023-1989

OPENSUSE-SU-2022_1912-1

SUSE-SU-2022:1903-1

SUSE-SU-2022:1910-1

SUSE-SU-2022:1911-1

SUSE-SU-2022:1912-1

SUSE-SU-2022:1933-1

Produtos afetados

Debian

Hdf5

Suse

PT-2018-14027 · Hdf+2 · Hdf5+2

CVE-2018-17436

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 143