Summary: | sci-libs/hdf5: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | IN_PROGRESS --- | ||
Severity: | minor | CC: | sci |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=661158 | ||
Whiteboard: | B3 [upstream/ebuild? cve] | ||
Package list: | Runtime testing required: | --- |
Description
Sam James
2020-03-22 19:23:59 UTC
(In reply to sam_c (Security Padawan) from comment #0) > 1) CVE-2020-10809 > Description: > "An issue was discovered in HDF5 through 1.12.0. A heap-based buffer > overflow exists in the function Decompress() located in decompress.c. It can > be triggered by sending a crafted file to the gif2h5 binary. It allows an > attacker to cause Denial of Service." > > Disclosure: > https://github.com/Loginsoft-Research/hdf5-reports/tree/master/Vuln_1 > https://research.loginsoft.com/bugs/heap-overflow-in-decompress-c-hdf5-1-13-0/ > 2) CVE-2020-10810 > Description: > "An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference > exists in the function H5AC_unpin_entry() located in H5AC.c. It allows an > attacker to cause Denial of Service." > > Disclosure: > https://github.com/Loginsoft-Research/hdf5-reports/tree/master/Vuln_3 > https://research.loginsoft.com/bugs/null-pointer-dereference-in-h5ac-c-hdf5-1-13-0/ > 3) CVE-2020-10811 > Description: > "An issue was discovered in HDF5 through 1.12.0. A heap-based buffer > over-read exists in the function H5O__layout_decode() located in > H5Olayout.c. It allows an attacker to cause Denial of Service." > > Disclosure: > https://github.com/Loginsoft-Research/hdf5-reports/tree/master/Vuln_2 > https://research.loginsoft.com/bugs/heap-buffer-overflow-in-h5olayout-c-hdf5-1-13-0/ > 4) CVE-2020-10812 > Description: > "An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference > exists in the function H5F_get_nrefs() located in H5Fquery.c. It allows an > attacker to cause Denial of Service." > > Disclosure: > https://github.com/Loginsoft-Research/hdf5-reports/tree/master/Vuln_4 https://research.loginsoft.com/bugs/null-pointer-dereference-in-h5fquery-c-hdf5-1-13-0/ --- Note that 1.13.0 is unreleased but seems unpatched at present. Need to keep an eye on this: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/browse/release_docs/RELEASE.txt CVE-2020-10812 (https://nvd.nist.gov/vuln/detail/CVE-2020-10812): An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5F_get_nrefs() located in H5Fquery.c. It allows an attacker to cause Denial of Service. CVE-2020-10811 (https://nvd.nist.gov/vuln/detail/CVE-2020-10811): An issue was discovered in HDF5 through 1.12.0. A heap-based buffer over-read exists in the function H5O__layout_decode() located in H5Olayout.c. It allows an attacker to cause Denial of Service. CVE-2020-10810 (https://nvd.nist.gov/vuln/detail/CVE-2020-10810): An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5AC_unpin_entry() located in H5AC.c. It allows an attacker to cause Denial of Service. CVE-2020-10809 (https://nvd.nist.gov/vuln/detail/CVE-2020-10809): An issue was discovered in HDF5 through 1.12.0. A heap-based buffer overflow exists in the function Decompress() located in decompress.c. It can be triggered by sending a crafted file to the gif2h5 binary. It allows an attacker to cause Denial of Service. CVE-2021-45829 (https://github.com/HDFGroup/hdf5/issues/1317): HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denial of Service. CVE-2021-45833 (https://github.com/HDFGroup/hdf5/issues/1313): A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent). CVE-2021-45832 (https://github.com/HDFGroup/hdf5/issues/1315): A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at at hdf5/src/H5Eint.c, which causes a Denial of Service (context-dependent). CVE-2021-45830 (https://github.com/HDFGroup/hdf5/issues/1314): A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service. CVE-2021-46242 (https://github.com/HDFGroup/hdf5/issues/1329): HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5AC_unpin_entry. CVE-2021-46243 (https://github.com/HDFGroup/hdf5/issues/1326): An untrusted pointer dereference vulnerability exists in HDF5 v1.13.1-1 via the function H5O__dtype_decode_helper () at hdf5/src/H5Odtype.c. This vulnerability can lead to a Denial of Service (DoS). CVE-2021-46244 (https://github.com/HDFGroup/hdf5/issues/1327): A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__complete_copy () at /hdf5/src/H5T.c. This vulnerability causes an aritmetic exception, leading to a Denial of Service (DoS). All seem unfixed. |