CVE-2020-10812

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions HDF5 versions prior to 1.12.1

Description An issue exists in the function H5F get nrefs() located in H5Fquery.c, which is related to a NULL pointer dereference. This issue allows an attacker to cause Denial of Service.

Recommendations For versions prior to 1.12.1, as a temporary workaround, consider disabling the H5F get nrefs() function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALT-PU-2024-2134

BDU:2024-07152

CVE-2020-10812

ECHO-A6FC-8DB7-DF8A

OPENSUSE-SU-2022_3827-1

OPENSUSE-SU-2022_3829-1

OPENSUSE-SU-2024_3144-1

SUSE-SU-2022:3824-1

SUSE-SU-2022:3825-1

SUSE-SU-2022:3826-1

SUSE-SU-2022:3827-1

SUSE-SU-2022:3828-1

SUSE-SU-2022:3829-1

SUSE-SU-2024:0538-1

SUSE-SU-2024:0882-1

SUSE-SU-2024:3144-1

Affected Products

Alt Linux

Astra Linux

Debian

Hdf5

Red Os

Suse

CVE-2020-10812

Weakness Enumeration

Related Identifiers

Affected Products

References · 84