PT-2019-19396 · Hdf+1 · Hdf5+1
Godlovevampire
·
Publicado
2019-02-25
·
Atualizado
2019-02-26
·
CVE-2019-9152
CVSS v3.1
8.8
Alta
| Vetor | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
HDF5 version 1.10.4
Description
An issue was discovered in the HDF5 library, where there is an out of bounds read in the function
H5MM xstrdup in H5MM.c when called from H5O dtype decode helper in H5Odtype.c.Recommendations
For version 1.10.4, consider applying a patch or fix to address the out of bounds read issue in the
H5MM xstrdup function. As a temporary workaround, consider restricting access to the H5MM xstrdup function until a patch is available.Exploit
Correção
Out of bounds Read
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Debian
Hdf5