Submeter #514533: HDFGroup hdf5 v1.14.6 Buffer Overflowinformação

TítuloHDFGroup hdf5 v1.14.6 Buffer Overflow
DescriçãoThe HDF5 library contains a heap-based buffer overflow vulnerability in the strndup function, which is called by H5MM_strndup during the decoding of attribute metadata. This vulnerability occurs when the library attempts to read 5 bytes of data beyond the bounds of an allocated 320-byte heap memory region. This could lead to memory corruption, application crashes, or potential exploitation for arbitrary code execution.
Fonte⚠️ https://github.com/madao123123/crash_report/blob/main/hdf5_poc/hdf5_poc4.md
Utilizador
 NPU Unmanned Systems Safety Laboratory (UID 80309)
Submissão05/03/2025 04h21 (há 1 Ano)
Moderação14/03/2025 13h55 (9 days later)
EstadoAceite
Entrada VulDB299723 [HDF5 1.14.6 Metadata Attribute Decoder H5MM_strndup Excesso de tampão]
Pontos20

VoltarVisão GeralPróximo

Want to know what is going to be exploited?

We predict KEV entries!