HDF5 Null Pointer Dereference Vulnerability in Cache Serialization Function

Vulnerability

A null pointer dereference vulnerability has been identified in the HDF5 library, in versions through 1.14.6. The issue is in the 'H5O__cache_chk_serialize' function in 'src/H5Ocache.c' and can lead to a local application crash. The function does not properly validate a pointer before reading data from it, which allows a null pointer dereference.

Impact

Exploitation of this vulnerability causes a segmentation fault, leading to a crash of the application using the HDF5 library.

Reproduction

The vulnerability can be reproduced by compiling the HDF5 library with AddressSanitizer enabled, which catches memory access errors. After building the library, a fuzzer can be used to send crafted input that triggers the null pointer dereference. AddressSanitizer then reports the segmentation fault caused by the invalid memory access, demonstrating the vulnerability.
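For teams that already fuzz HDF5 consumers, the sketch below sorts AddressSanitizer reports into crashes that match this advisory (a NULL-based read with 'H5O__cache_chk_serialize' near the top of the stack) and everything else. It is an added example, not code from this page or from the HDF5 project; both sample reports are constructed, and the zero-page threshold and three-frame search depth are assumptions.

```python
import re

TARGET = "H5O__cache_chk_serialize"  # function named in the advisory
ZERO_PAGE = 0x1000  # assumption: fault addresses below this are NULL-based

HEADER = re.compile(r"ERROR: AddressSanitizer: (\S+) on (?:unknown )?address (0x[0-9a-fA-F]+)")
ACCESS = re.compile(r"caused by a (READ|WRITE) memory access")
FRAME = re.compile(r"^\s*#\d+ 0x[0-9a-fA-F]+ in (\S+)(?: (\S+))?", re.M)

# Constructed reports in AddressSanitizer's usual layout. PIDs, addresses,
# paths and line numbers are made up; they are not from a real HDF5 run.
NULL_READ = """\
==4242==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f00c0ffee00 bp 0x7ffd00001000 sp 0x7ffd00000f00 T0)
==4242==The signal is caused by a READ memory access.
==4242==Hint: address points to the zero page.
    #0 0x7f00c0ffee00 in memcpy (/lib/libc.so.6+0x1000)
    #1 0x55d000001000 in H5O__cache_chk_serialize /build/hdf5/src/H5Ocache.c:100:5
    #2 0x55d000002000 in constructed_caller /build/hdf5/src/example.c:200:9
"""
UNRELATED = """\
==4243==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000000011 at pc 0x55d000003000 bp 0x7ffd00001000 sp 0x7ffd00000f00
READ of size 4 at 0x602000000011 thread T0
    #0 0x55d000003000 in constructed_parser /build/app/parse.c:10:3
"""

def triage(report, target=TARGET, top=3):
    """Summarise one ASan report; None if no ASan error header is present."""
    header = HEADER.search(report)
    if header is None:
        return None
    kind, addr = header.group(1), int(header.group(2), 16)
    access = ACCESS.search(report)
    frames = FRAME.findall(report)  # [(function, location), ...]
    return {
        "kind": kind,
        "access": access.group(1) if access else "UNKNOWN",
        "null_deref": kind == "SEGV" and addr < ZERO_PAGE,
        # Look a few frames deep: libc or interceptor frames can sit on top.
        "in_target": any(name == target for name, _ in frames[:top]),
        "location": next((loc for name, loc in frames if name == target), None),
    }

def matches_advisory(report):
    """True for a NULL-based READ fault with the target function near the top."""
    r = triage(report)
    return bool(r and r["null_deref"] and r["access"] == "READ" and r["in_target"])

if __name__ == "__main__":
    for name, rep in (("NULL_READ", NULL_READ), ("UNRELATED", UNRELATED)):
        print(name, matches_advisory(rep), triage(rep))
```

Reports that match can be grouped under this advisory and retested after the upgrade described under Remediation; anything else is a separate finding.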

Remediation

Users are advised to update to HDF5 version 2.0.0 or later, where this vulnerability has been addressed.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 5.4
impact: 2.5
exploitability: 4.6
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.