CVE-2021-45832Uncontrolled Recursion in Hdf5

CWE-674Uncontrolled RecursionCWE-787Out-of-bounds Write5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 85.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Hdfgroup Hdf5Debian Hdf5
Timeline
PublishedJan 5
Latest updateJan 6

Description

A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at at hdf5/src/H5Eint.c, which causes a Denial of Service (context-dependent).

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

debiandebian/hdf5
NVDhdfgroup/hdf51.13.1-1

🔴Vulnerability Details

2
GHSA
GHSA-hvh7-f5p9-68g8: A Stack-based Buffer Overflow Vulnerability exists in HDF5 12022-01-06
OSV
CVE-2021-45832: A Stack-based Buffer Overflow Vulnerability exists in HDF5 12022-01-05

📋Vendor Advisories

2
Red Hat
hdf5: stack buffer overflow in hdf5/src/H5Eint.c2022-01-05
Debian
CVE-2021-45832: hdf5 - A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at at hdf5/s...2021