CVE-2021-46244 — Divide By Zero in Hdf5

CWE-369 — Divide By Zero5 documents5 sources

Severity

6.5MEDIUMNVD

EPSS

0.4%

top 38.47%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Hdfgroup Hdf5 Debian Hdf5

Timeline

PublishedJan 21

Latest updateJan 22

Description

A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__complete_copy () at /hdf5/src/H5T.c. This vulnerability causes an aritmetic exception, leading to a Denial of Service (DoS).

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages3 packages

▶debiandebian/hdf5< hdf5 1.14.5+repack-1 (forky)

▶Debianhdfgroup/hdf5< 1.14.5+repack-1+1

▶NVDhdfgroup/hdf51.13.1-1

🔴Vulnerability Details

GHSA

GHSA-vrxh-5gxg-rmhm: A Divide By Zero vulnerability exists in HDF5 v1↗2022-01-22

▶

OSV

CVE-2021-46244: A Divide By Zero vulnerability exists in HDF5 v1↗2022-01-21

▶

📋Vendor Advisories

Red Hat

hdf5: Divide by zero via the function H5T__complete_copy () at /hdf5/src/H5T.c↗2022-01-21

▶

Debian

CVE-2021-46244: hdf5 - A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__co...↗2021

▶