PT-2022-7550 · Hdf5+2 · Hdf5+2
Zfeixq
·
Published
2022-01-05
·
Updated
2024-09-12
·
CVE-2021-45832
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
HDF5 version 1.13.1-1
Description
A Stack-based Buffer Overflow issue exists in the HDF5 library, specifically in the file H5Eint.c, which can cause a Denial of Service. This issue is related to uncontrolled recursion. The exploitation of this issue may allow an attacker to cause a denial of service.
Recommendations
For HDF5 version 1.13.1-1, consider disabling access to the vulnerable file H5Eint.c as a temporary workaround until a patch is available. Restrict the use of the HDF5 library to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.
Exploit
Fix
DoS
Uncontrolled Recursion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Debian
Hdf5
Red Os