HDF5 Heap-Based Buffer Overflow Vulnerability in H5F_addr_decode_len Function

Vulnerability

A critical heap-based buffer overflow vulnerability has been identified in HDF5 versions through 1.14.6. The issue lies in the function H5F_addr_decode_len in the file H5Fint.c, which does not adequately validate buffer lengths and can therefore read beyond the allocated memory. This flaw can lead to undefined behavior and further security risks. The vulnerability must be exploited locally.

Impact

Exploitation of this vulnerability causes a heap-based buffer overflow, which can lead to undefined behavior, including memory corruption and the possibility of executing arbitrary code.

Reproduction

The vulnerability can be reproduced by fuzzing. After compiling HDF5 with AddressSanitizer enabled, a fuzzer targeting the H5F_addr_decode_len function can be used; its input should trigger the buffer length validation issue, causing the function to read past the end of the allocated buffer.
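To make the defect class concrete, the following is an added example (not HDF5's own code) of a length-aware address decoder in the style of H5F_addr_decode_len: it decodes an addr_len-byte little-endian address from a buffer, but refuses to read when fewer than addr_len bytes remain. The names addr_t, ADDR_UNDEF, decode_addr_checked and decode_sample are hypothetical stand-ins, and the sample buffer is constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical stand-ins for HDF5's haddr_t and HADDR_UNDEF. */
typedef uint64_t addr_t;
#define ADDR_UNDEF ((addr_t)-1)

/* Decode an addr_len-byte little-endian file address from *pp, in the
 * style of an HDF5 address decoder, but only after confirming that all
 * addr_len bytes lie before `end`. Returns false, leaving *pp and *addr
 * untouched, when the read would run past the buffer. */
static bool decode_addr_checked(size_t addr_len, const uint8_t **pp,
                                const uint8_t *end, addr_t *addr)
{
    const uint8_t *p = *pp;
    addr_t value = 0;
    bool all_ones = true;

    /* Lengths that cannot fit in addr_t are rejected outright. */
    if (addr_len == 0 || addr_len > sizeof(addr_t))
        return false;
    /* The bounds check the advisory describes as missing: remaining >= addr_len. */
    if (p == NULL || end == NULL || p > end || (size_t)(end - p) < addr_len)
        return false;
    for (size_t i = 0; i < addr_len; i++) {
        if (p[i] != 0xff)
            all_ones = false;
        value |= (addr_t)p[i] << (8 * i);
    }
    /* An address made entirely of 0xff bytes encodes "undefined". */
    *addr = all_ones ? ADDR_UNDEF : value;
    *pp = p + addr_len;
    return true;
}

/* Constructed sample: a 4-byte address 0x0000000a followed by two 0xff bytes. */
static const uint8_t sample[] = { 0x0a, 0x00, 0x00, 0x00, 0xff, 0xff };

/* Decode from `offset` with the given addr_len; *ok reports whether the
 * decode stayed inside the sample buffer. */
addr_t decode_sample(size_t offset, size_t addr_len, bool *ok)
{
    const uint8_t *p = sample + offset;
    addr_t a = 0;
    *ok = decode_addr_checked(addr_len, &p, sample + sizeof sample, &a);
    return *ok ? a : ADDR_UNDEF;
}
```

An unchecked decoder would return a value for the last two calls in the test as well, reading two or three bytes past the end of the buffer, which is exactly what AddressSanitizer flags during fuzzing.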

Added: Jun 23, 2025, 5:20 PM
Updated: Jun 23, 2025, 5:20 PM

Vulnerability Rating (Custom Algorithm)

  spread          5.4
  impact          2.5
  exploitability  4.6
  remediation     0.0
  relevance       0.2
  threat          6.4
  urgency         2.9
  incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.