CVE-2020-10810 — NULL Pointer Dereference in Hdf5

CWE-476 — NULL Pointer Dereference CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents6 sources

Severity

5.5MEDIUMNVD

EPSS

0.4%

top 37.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Hdfgroup Hdf5 Debian Hdf5

Timeline

PublishedMar 22

Latest updateMay 24

Description

An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5AC_unpin_entry() located in H5AC.c. It allows an attacker to cause Denial of Service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

▶debiandebian/hdf5< hdf5 1.10.8+repack-1 (bookworm)

▶Debianhdfgroup/hdf5< 1.10.8+repack-1+2

▶NVDhdfgroup/hdf51.12.0

🔴Vulnerability Details

GHSA

GHSA-hc6g-pjf5-5gr6: An issue was discovered in HDF5 through 1↗2022-05-24

▶

OSV

CVE-2020-10810: An issue was discovered in HDF5 through 1↗2020-03-22

▶

📋Vendor Advisories

Red Hat

hdf5: Null pointer dereference in function H5AC_unpin_entry() in H5AC.c↗2020-03-22

▶

Debian

CVE-2020-10810: hdf5 - An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exist...↗2020

▶

💬Community

Bugzilla

CVE-2020-10810 hdf5: Null pointer dereference in function H5AC_unpin_entry() in H5AC.c↗2020-04-24

▶

Bugzilla

CVE-2020-10810 hdf5: Null pointer dereference in function H5AC_unpin_entry() in H5AC.c [fedora-all]↗2020-04-24

▶

Bugzilla

CVE-2020-10810 hdf5: Null pointer dereference in function H5AC_unpin_entry() in H5AC.c [epel-all]↗2020-04-24

▶