PT-2025-26227 · Hdf5+1 · Hdf5+1
Rulkallos
·
Published
2025-06-19
·
Updated
2026-01-02
·
CVE-2025-6270
CVSS v3.1
5.3
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
HDF5 versions up to 1.14.6
Description
A critical issue has been found, affecting the
H5FS sect find node function of the file H5FSsection.c, leading to a heap-based buffer overflow. The attack can be launched on the local host.Recommendations
For HDF5 versions up to 1.14.6, as a temporary workaround, consider disabling the
H5FS sect find node function until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Buffer Overflow
Heap Based Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Debian
Hdf5