| 제목 | https://github.com/HDFGroup/hdf5 HDF5 1.14.6 Double Free |
|---|
| 설명 | A double-free vulnerability was discovered in the H5MM_xfree function within the HDF5 Library. This issue occurs when processing certain files, leading to a potential application crash.
The vulnerability arises in the H5MM_xfree function defined in src/H5MM.c at line 201.
The reason is that the function H5MM_realloc defined at line 87 in file src/H5MM.c uses realloc to release the memory pointed to by pointer mem when handling size as 0, but does not set pointer mem to NULL afterwards. Causing subsequent operations to result in double free when calling the H5MM_xfree function. Similarly, the function H5MM_xfree does not set the corresponding pointer to NULL after using free. |
|---|
| 원천 | ⚠️ https://github.com/HDFGroup/hdf5/issues/5383 |
|---|
| 사용자 | Anonymous User |
|---|
| 제출 | 2025. 03. 16. AM 09:24 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 03. 28. PM 12:56 (12 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 301900 [HDF5 까지 1.14.6 src/H5MM.c H5MM_realloc mem 메모리 손상] |
|---|
| 포인트들 | 20 |
|---|