Primary

Context

HDF5 Heap-Based Buffer Overflow Vulnerability in HDFGroup Library

Vulnerability

Patched

A heap-based buffer overflow vulnerability has been identified in HDF5 version 1.14.6, specifically in the function H5FS__sect_link_size within the file src/H5FSsection.c. This vulnerability can be exploited locally, leading to a denial-of-service condition.

Impact

Exploitation of this vulnerability causes a heap-based buffer overflow, which can typically be leveraged to execute arbitrary code or cause a denial-of-service condition by crashing the application.

Reproduction

The vulnerability can be reproduced by compiling HDF5 with AddressSanitizer enabled, using Clang as the compiler. After building the library, a fuzzing harness can be used to trigger the vulnerability by sending specially crafted input that exploits the buffer overflow in the H5FS__sect_link_size function.

Added: Jul 4, 2025, 9:17 PM

Updated: Jul 4, 2025, 9:17 PM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

4.6

remediation

7.7

relevance

0.2

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

4.6

remediation

7.7

relevance

0.2

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

HDF5 Heap-Based Buffer Overflow Vulnerability in HDFGroup Library

Vulnerability

Impact

Reproduction

Affected Products

HDFGroup HDF5

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating