A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FS__sinfo_Srialize_Sct_cb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/HDFGroup/hdf5/issues/5379 | Exploit Issue Tracking Vendor Advisory |
https://vuldb.com/?ctiid.301887 | Permissions Required VDB Entry |
https://vuldb.com/?id.301887 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.520880 | Third Party Advisory VDB Entry |
Configurations
History
05 Jun 2025, 19:21
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:* | |
First Time |
Hdfgroup
Hdfgroup hdf5 |
|
Summary |
|
|
CWE | CWE-787 | |
References | () https://github.com/HDFGroup/hdf5/issues/5379 - Exploit, Issue Tracking, Vendor Advisory | |
References | () https://vuldb.com/?ctiid.301887 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?id.301887 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.520880 - Third Party Advisory, VDB Entry |
28 Mar 2025, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-03-28 17:15
Updated : 2025-06-05 19:21
NVD link : CVE-2025-2914
Mitre link : CVE-2025-2914
CVE.ORG link : CVE-2025-2914
JSON object : View
Products Affected
hdfgroup
- hdf5