PT-2018-3950 · Hdf+2 · Hdf5+2

Publicado

2018-09-24

Atualizado

2022-06-08

CVE-2018-17438

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions HDF5 versions through 1.10.3

Description The issue is related to a lack of protection against division by zero in the H5Dselect.c component of the HDF5 library. This could allow a remote denial of service attack by exploiting the vulnerability with a specially crafted HDF file.

Recommendations For versions through 1.10.3, consider updating to a version that addresses the division by zero issue in the H5D select io() function to prevent potential remote denial of service attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Divide By Zero

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-369

Identificadores relacionados

BDU:2023-07614

CVE-2018-17438

OPENSUSE-SU-2022_1912-1

SUSE-SU-2022:1903-1

SUSE-SU-2022:1910-1

SUSE-SU-2022:1911-1

SUSE-SU-2022:1912-1

SUSE-SU-2022:1933-1

Produtos afetados

Astra Linux

Hdf5

Suse

PT-2018-3950 · Hdf+2 · Hdf5+2

CVE-2018-17438

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 133