CVE-2021-46242 — Use After Free in Hdf5

Severity

8.8HIGHNVD

EPSS

0.3%

top 47.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedJan 21

Latest updateJan 22

Description

HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5AC_unpin_entry.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

▶debiandebian/hdf5< hdf5 1.14.5+repack-1 (forky)

▶Debianhdfgroup/hdf5< 1.14.5+repack-1+1

▶NVDhdfgroup/hdf51.13.1-1

GHSA

GHSA-x9pw-hh7v-wjpf: HDF5 v1↗2022-01-22

▶

OSV

CVE-2021-46242: HDF5 v1↗2022-01-21

▶

Red Hat

hdf5: Heap-use-after free via the component H5AC_unpin_entry↗2022-01-21

▶

Debian

CVE-2021-46242: hdf5 - HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component...↗2021

▶