PT-2026-38555 · Osgeo · Gdal
Biniam
·
Published
2026-05-07
·
Updated
2026-05-11
·
CVE-2026-8084
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
OSGeo gdal versions prior to 3.13.0RC1
Description
An issue exists in the HDF-EOS Grid File Handler component within the
memmove() function of the frmts/hdf4/hdf-eos/SWapi.c file. This flaw allows for an out-of-bounds read, which occurs when the system reads data outside the intended boundary of a buffer. This attack is restricted to local execution.Recommendations
Upgrade to version 3.13.0RC1.
Exploit
Fix
Out of bounds Read
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Gdal