PT-2019-19396 · Hdf+1 · Hdf5+1
Godlovevampire
·
Published
2019-02-25
·
Updated
2019-02-26
·
CVE-2019-9152
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
HDF5 version 1.10.4
Description
An issue was discovered in the HDF5 library, where there is an out of bounds read in the function
H5MM xstrdup in H5MM.c when called from H5O dtype decode helper in H5Odtype.c.Recommendations
For version 1.10.4, consider applying a patch or fix to address the out of bounds read issue in the
H5MM xstrdup function. As a temporary workaround, consider restricting access to the H5MM xstrdup function until a patch is available.Exploit
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Debian
Hdf5