CVE-2025-2915

Name of the Vulnerable Software and Affected Versions HDF5 versions up to 1.14.6

Description A problematic vulnerability was found in HDF5, affecting the function H5F accum free of the file src/H5Faccum.c. The manipulation of the argument overlap size leads to a heap-based buffer overflow. This issue requires local attacking to be exploited.

Recommendations For HDF5 versions up to 1.14.6, as a temporary workaround, consider restricting access to the H5F accum free function until a patch is available. Additionally, be cautious when handling the overlap size argument to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.