CVE-2019-9152 — Out-of-bounds Read in Hdf5

CWE-125 — Out-of-bounds Read8 documents6 sources

Severity

8.8HIGHNVD

EPSS

0.4%

top 39.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Hdfgroup Hdf5 Debian Hdf5

Timeline

PublishedFeb 25

Latest updateMay 14

Description

An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5MM_xstrdup in H5MM.c when called from H5O_dtype_decode_helper in H5Odtype.c.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶debiandebian/hdf5

▶NVDhdfgroup/hdf51.10.4

🔴Vulnerability Details

GHSA

GHSA-4m46-2257-r2fq: An issue was discovered in the HDF HDF5 1↗2022-05-14

▶

OSV

CVE-2019-9152: An issue was discovered in the HDF HDF5 1↗2019-02-25

▶

📋Vendor Advisories

Red Hat

hdf5: out of bounds read in function H5MM_xstrdup in H5MM.c↗2019-02-19

▶

Debian

CVE-2019-9152: hdf5 - An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bound...↗2019

▶

💬Community

Bugzilla

CVE-2019-9152 hdf5: out of bounds read in function H5MM_xstrdup in H5MM.c [fedora-all]↗2019-03-01

▶

Bugzilla

CVE-2019-9152 hdf5: out of bounds read in function H5MM_xstrdup in H5MM.c↗2019-03-01

▶

Bugzilla

CVE-2019-9152 hdf5: out of bounds read in function H5MM_xstrdup in H5MM.c [epel-all]↗2019-03-01

▶