| Title | https://github.com/HDFGroup/hdf5 hfd5 v1.14.6 Heap-based Buffer Overflow |
|---|
| Description | A heap-buffer-overflow vulnerability was discovered in the H5SM_delete function within the HDF5 Library. This issue occurs when processing certain .h5 files, leading to an out-of-bounds read and potential application crash. The vulnerability arises in the H5SM_delete function defined in H5SM.c at line 1542. The function fails to properly check the buffer boundaries, resulting in a read operation beyond the allocated memory. |
|---|
| Source | ⚠️ https://github.com/HDFGroup/hdf5/issues/5329 |
|---|
| User | Anonymous User |
|---|
| Submission | 02/27/2025 13:14 (1 Year ago) |
|---|
| Moderation | 03/10/2025 07:49 (11 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 299064 [HDF5 1.14.6 h5 File H5SM.c H5SM_delete heap-based overflow] |
|---|
| Points | 20 |
|---|