CVE-2021-46243

Name of the Vulnerable Software and Affected Versions HDF5 version 1.13.1-1

Description The issue is related to an untrusted pointer dereference vulnerability in the function H5O dtype decode helper() at hdf5/src/H5Odtype.c in the HDF5 library. This vulnerability can lead to a Denial of Service (DoS) and can be exploited by a remote attacker, potentially causing service disruption.

Recommendations For HDF5 version 1.13.1-1, as a temporary workaround, consider disabling the H5O dtype decode helper() function until a patch is available. Restrict access to the vulnerable H5Odtype.c file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.