CVE-2025-2925

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions HDF5 versions up to 1.14.6

Description A problematic issue has been identified, affecting the H5MM realloc function in the file src/H5MM.c. The manipulation of the mem argument leads to a double free condition. This issue can be exploited locally.

Recommendations For HDF5 versions up to 1.14.6, consider applying a patch or fix that addresses the double free condition in the H5MM realloc function. As a temporary workaround, restrict the use of the H5MM realloc function to minimize the risk of exploitation.

Exploit

Fix

Buffer Overflow

Double Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-415

Related Identifiers

AZL-59343

AZL-59364

CVE-2025-2925

ECHO-F554-DFA2-2106

OESA-2026-1131

OESA-2026-1132

OESA-2026-1133

OESA-2026-1134

OESA-2026-1135

Affected Products

Debian

Hdf5

CVE-2025-2925

Weakness Enumeration

Related Identifiers

Affected Products

References · 50