CVE-2021-37501

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions HDF5 versions 1.12.0 through 1.13.0

Description The issue is related to a buffer overflow in the h5tools str sprint function, located in /hdf5/tools/lib/h5tools str.c, which can cause a denial of service. This can be exploited by a remote attacker.

Recommendations For versions 1.12.0 through 1.13.0, consider disabling the h5tools str sprint function as a temporary workaround until a patch is available. Restrict access to the h5dump tool to minimize the risk of exploitation.

Exploit

Fix

DoS

Memory Corruption

Heap Based Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-122

Related Identifiers

AZL-13349

AZL-34796

BDU:2023-02008

CVE-2021-37501

ECHO-7E9D-D6D6-80FC

OESA-2023-1325

OESA-2023-1326

OESA-2023-1327

OESA-2023-1328

OPENSUSE-SU-2024_3144-1

RHSA-2025:3801

SUSE-SU-2023:0691-1

SUSE-SU-2023:0777-1

SUSE-SU-2023:1563-1

SUSE-SU-2023_0691-1

SUSE-SU-2023_0777-1

SUSE-SU-2023_1563-1

SUSE-SU-2024:0538-1

SUSE-SU-2024:0882-1

SUSE-SU-2024:3144-1

Affected Products

Debian

Hdf5

Red Os

Suse

CVE-2021-37501

Weakness Enumeration

Related Identifiers

Affected Products

References · 73