Debian Hdf5 vulnerabilities

CVE-2026-26200 [HIGH] CVE-2026-26200: hdf5 - HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who c... HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an `h5` file parsed by HDF5 can trigger a write-based heap buffer overflow condition. This can lead to a denial-of-service condition, and potentially further issues such as remote code execution depending on the practical exploitability of the heap overflow against modern operati

CVE-2025-2915 [MEDIUM] CVE-2025-2915: hdf5 - A vulnerability classified as problematic was found in HDF5 up to 1.14.6. This v... A vulnerability classified as problematic was found in HDF5 up to 1.14.6. This vulnerability affects the function H5F__accum_free of the file src/H5Faccum.c. The manipulation of the argument overlap_size leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Scope: local bookworm: open bull

CVE-2025-2912 [MEDIUM] CVE-2025-2912: hdf5 - A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problema... A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is the function H5O_msg_flush of the file src/H5Omessage.c. The manipulation of the argument oh leads to heap-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Scope: local book

CVE-2025-6270 [MEDIUM] CVE-2025-6270: hdf5 - A vulnerability, which was classified as critical, has been found in HDF5 up to ... A vulnerability, which was classified as critical, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5FS__sect_find_node of the file H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Scope: local bookworm: op

CVE-2025-2925 [MEDIUM] CVE-2025-2925: hdf5 - A vulnerability has been found in HDF5 up to 1.14.6 and classified as problemati... A vulnerability has been found in HDF5 up to 1.14.6 and classified as problematic. This vulnerability affects the function H5MM_realloc of the file src/H5MM.c. The manipulation of the argument mem leads to double free. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Scope: local bookworm: open bullseye: open fork

CVE-2025-6750 [MEDIUM] CVE-2025-6750: hdf5 - A vulnerability, which was classified as problematic, has been found in HDF5 1.1... A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5O__mtime_new_encode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Scope: local bookworm: open bullseye: open fo

CVE-2025-44905 [HIGH] CVE-2025-44905: hdf5 - hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filte... hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2025-6857 [MEDIUM] CVE-2025-6857: hdf5 - A vulnerability has been found in HDF5 1.14.6 and classified as problematic. Aff... A vulnerability has been found in HDF5 1.14.6 and classified as problematic. Affected by this vulnerability is the function H5G__node_cmp3 of the file src/H5Gnode.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Scope: local bookworm: open bulls

CVE-2025-2923 [MEDIUM] CVE-2025-2923: hdf5 - A vulnerability, which was classified as problematic, has been found in HDF5 up ... A vulnerability, which was classified as problematic, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5F_addr_encode_len of the file src/H5Fint.c. The manipulation of the argument pp leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Scope: local bookworm: o

CVE-2025-6818 [MEDIUM] CVE-2025-6818: hdf5 - A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. ... A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5O__chunk_protect of the file /src/H5Ochunk.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Scope: local bookworm: open bullseye: open forky: open sid: op

CVE-2025-6858 [MEDIUM] CVE-2025-6858: hdf5 - A vulnerability was found in HDF5 1.14.6 and classified as problematic. Affected... A vulnerability was found in HDF5 1.14.6 and classified as problematic. Affected by this issue is the function H5C__flush_single_entry of the file src/H5Centry.c. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Scope: local bookworm: open bullseye: open forky: o

CVE-2025-7068 [MEDIUM] CVE-2025-7068: hdf5 - A vulnerability, which was classified as problematic, has been found in HDF5 1.1... A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FL__malloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2025-6269 [MEDIUM] CVE-2025-6269: hdf5 - A vulnerability classified as critical was found in HDF5 up to 1.14.6. Affected ... A vulnerability classified as critical was found in HDF5 up to 1.14.6. Affected by this vulnerability is the function H5C__reconstruct_cache_entry of the file H5Cimage.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Scope: local bookworm: open bullseye: open forky

CVE-2025-7067 [MEDIUM] CVE-2025-7067: hdf5 - A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnera... A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5FS__sinfo_serialize_node_cb of the file src/H5FScache.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Scope: local bookworm: open bullseye:

CVE-2025-6856 [MEDIUM] CVE-2025-6856: hdf5 - A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. ... A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FL__reg_gc_list of the file src/H5FL.c. The manipulation leads to use after free. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2025-2310 [MEDIUM] CVE-2025-2310: hdf5 - A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue ... A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MM_strndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release. S

CVE-2025-6516 [MEDIUM] CVE-2025-6516: hdf5 - A vulnerability has been found in HDF5 up to 1.14.6 and classified as critical. ... A vulnerability has been found in HDF5 up to 1.14.6 and classified as critical. This vulnerability affects the function H5F_addr_decode_len of the file /hdf5/src/H5Fint.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Scope: local bookworm: open bullseye: open

CVE-2025-44904 [HIGH] CVE-2025-44904: hdf5 - hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VM_memcp... hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VM_memcpyvv function. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2025-2914 [MEDIUM] CVE-2025-2914: hdf5 - A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. T... A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FS__sinfo_Srialize_Sct_cb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Scope: local bookworm:

CVE-2025-2309 [MEDIUM] CVE-2025-2309: hdf5 - A vulnerability has been found in HDF5 1.14.6 and classified as critical. This v... A vulnerability has been found in HDF5 1.14.6 and classified as critical. This vulnerability affects the function H5T__bit_copy of the component Type Conversion Logic. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in