CVE-2020-10812 — NULL Pointer Dereference in Hdf5

CWE-476 — NULL Pointer Dereference CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents6 sources

Severity

5.5MEDIUMNVD

EPSS

0.2%

top 62.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Hdfgroup Hdf5 Debian Hdf5

Timeline

PublishedMar 22

Latest updateMay 24

Description

An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5F_get_nrefs() located in H5Fquery.c. It allows an attacker to cause Denial of Service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶NVDhdfgroup/hdf51.12.0

▶debiandebian/hdf5

🔴Vulnerability Details

GHSA

GHSA-g838-rwc8-xv7q: An issue was discovered in HDF5 through 1↗2022-05-24

▶

OSV

CVE-2020-10812: An issue was discovered in HDF5 through 1↗2020-03-22

▶

📋Vendor Advisories

Red Hat

hdf5: Null pointer dereference in function H5F_get_nrefs() in H5Fquery.c↗2020-03-22

▶

Debian

CVE-2020-10812: hdf5 - An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exist...↗2020

▶

💬Community

Bugzilla

CVE-2020-10812 hdf5: Null pointer dereference in function H5F_get_nrefs() in H5Fquery.c [fedora-all]↗2020-04-24

▶

Bugzilla

CVE-2020-10812 hdf5: Null pointer dereference in function H5F_get_nrefs() in H5Fquery.c↗2020-04-24

▶

Bugzilla

CVE-2020-10812 hdf5: Null pointer dereference in function H5F_get_nrefs() in H5Fquery.c [epel-all]↗2020-04-24

▶