PT-2025-13568 · Hdf5+1 · Hdf5+1

Chen Lihai

Publicado

2025-03-28

Atualizado

2026-03-29

CVE-2025-2925

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions HDF5 versions up to 1.14.6

Description A problematic issue has been identified, affecting the H5MM realloc function in the file src/H5MM.c. The manipulation of the mem argument leads to a double free condition. This issue can be exploited locally.

Recommendations For HDF5 versions up to 1.14.6, consider applying a patch or fix that addresses the double free condition in the H5MM realloc function. As a temporary workaround, restrict the use of the H5MM realloc function to minimize the risk of exploitation.

Exploit

Correção

Buffer Overflow

Double Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119CWE-415

Identificadores relacionados

AZL-59343

AZL-59364

CVE-2025-2925

ECHO-F554-DFA2-2106

OESA-2026-1131

OESA-2026-1132

OESA-2026-1133

OESA-2026-1134

OESA-2026-1135

Produtos afetados

Debian

Hdf5

PT-2025-13568 · Hdf5+1 · Hdf5+1

CVE-2025-2925

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 50