HDF5
cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*
- <= 1.14.1-2
A heap buffer overflow vulnerability has been identified in HDF5 versions through 1.14.1-2. An attacker who controls an 'h5' file being parsed by HDF5 can trigger the overflow, potentially leading to a denial-of-service condition. Depending on how the heap overflow is exploited, it could also allow for remote code execution, although such exploitability in real-world scenarios is currently unknown.
Exploitation of this vulnerability causes a heap-based buffer overflow, which can lead to a denial-of-service condition. Additionally, heap-based buffer overflows have the potential to be exploited for remote code execution, depending on the context and environment.
The vulnerability can be reproduced by fuzzing the 'h5dump' utility until it produces a crafted 'h5' file that triggers the heap buffer overflow. To confirm a finding, build HDF5 with GCC 10 and AddressSanitizer enabled, then use 'h5dump' to parse the malicious file. AddressSanitizer reports a heap-buffer-overflow error, confirming that the overflow was triggered.
Users should upgrade to HDF5 version 1.14.4-2 or later, where this vulnerability has been fixed.
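To check an inventory against the two version boundaries stated above, the following added example (not part of the advisory or of HDF5 itself) classifies HDF5 version strings. The function names, the `unlisted` label for releases that fall between the two boundaries, the accepted `-N` / `-patchN` suffix forms, and the sample inventory are assumptions made here.

```python
import re

# Boundaries taken from the advisory text above.
LAST_AFFECTED = "1.14.1-2"
FIRST_FIXED = "1.14.4-2"

# Assumed suffix forms: "1.14.1-2" and the older "1.10.0-patch1" style.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-(?:patch)?(\d+))?$")


def parse_hdf5_version(text):
    """Return (major, minor, release, patch) for an HDF5 version string.

    A missing suffix counts as patch 0, so "1.14.1" sorts before "1.14.1-2".
    """
    match = _VERSION_RE.match(text.strip())
    if match is None:
        raise ValueError(f"unrecognised HDF5 version: {text!r}")
    major, minor, release, patch = match.groups()
    return (int(major), int(minor), int(release), int(patch or 0))


def classify(version):
    """Map a version to 'affected', 'fixed' or 'unlisted'.

    'unlisted' covers releases after 1.14.1-2 but before 1.14.4-2, which the
    advisory names as neither affected nor fixed; treat them as needing the
    upgrade until confirmed otherwise.
    """
    parsed = parse_hdf5_version(version)
    if parsed <= parse_hdf5_version(LAST_AFFECTED):
        return "affected"
    if parsed >= parse_hdf5_version(FIRST_FIXED):
        return "fixed"
    return "unlisted"


def triage(inventory):
    """Classify every host -> version entry of an inventory mapping."""
    return {host: classify(version) for host, version in inventory.items()}


# Constructed sample inventory (hypothetical hosts and versions).
SAMPLE_INVENTORY = {
    "hpc-node-01": "1.10.0-patch1",
    "ingest-02": "1.14.1-2",
    "notebook-03": "1.14.3",
    "build-04": "1.14.4-2",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {SAMPLE_INVENTORY[host]} -> {status}")
```
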