PT-2018-12238 · Hdf+2 · Hdf5+2

Published

2018-07-10

Updated

2022-06-03

CVE-2018-13870

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions HDF5 version 1.8.20

Description A heap-based buffer over-read issue was discovered in the HDF5 library, specifically in the H5O link decode function located in H5Olink.c.

Recommendations For version 1.8.20, consider applying a patch or fix that addresses the heap-based buffer over-read in the H5O link decode function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

BDU:2025-12513

CVE-2018-13870

SUSE-SU-2022:1903-1

SUSE-SU-2022:1910-1

SUSE-SU-2022:1911-1

SUSE-SU-2022:1933-1

Affected Products

Debian

Hdf5

Suse

PT-2018-12238 · Hdf+2 · Hdf5+2

CVE-2018-13870

Weakness Enumeration

Related Identifiers

Affected Products

References · 92