Skip to main content

Hdf5 CVE-2024-32614

HIGH
Out-of-bounds Read (CWE-125)
2024-05-14 cve@mitre.org
8.8
CVSS 3.1 · Vendor: mitre
Share

Severity by source

Vendor (mitre) PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from Vendor (mitre) · only source for this CVE.

CVSS VectorVendor: mitre

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
May 14, 2024 - 15:36 cve.org
HIGH 8.8

DescriptionCVE.org

HDF5 Library through 1.14.3 has a SEGV in H5VM_memcpyvv in H5VM.c.

AnalysisAI

HDF5 Library through 1.14.3 has a SEGV in H5VM_memcpyvv in H5VM.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Read (CWE-125), which allows attackers to read data from memory outside the intended buffer boundaries. HDF5 Library through 1.14.3 has a SEGV in H5VM_memcpyvv in H5VM.c. Affected products include: Hdfgroup Hdf5. Version information: through 1.14.3.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate array indices and buffer lengths. Use memory-safe languages. Enable AddressSanitizer during testing.

More in Hdf5

View all
CVE-2018-13876 CRITICAL POC
9.8 Jul 10

An issue was discovered in the HDF HDF5 1.8.20 library. Rated critical severity (CVSS 9.8), this vulnerability is remote

CVE-2018-13874 CRITICAL POC
9.8 Jul 10

An issue was discovered in the HDF HDF5 1.8.20 library. Rated critical severity (CVSS 9.8), this vulnerability is remote

CVE-2018-13873 CRITICAL POC
9.8 Jul 10

An issue was discovered in the HDF HDF5 1.8.20 library. Rated critical severity (CVSS 9.8), this vulnerability is remote

CVE-2018-13872 CRITICAL POC
9.8 Jul 10

An issue was discovered in the HDF HDF5 1.8.20 library. Rated critical severity (CVSS 9.8), this vulnerability is remote

CVE-2018-13871 CRITICAL POC
9.8 Jul 10

An issue was discovered in the HDF HDF5 1.8.20 library. Rated critical severity (CVSS 9.8), this vulnerability is remote

CVE-2018-13870 CRITICAL POC
9.8 Jul 10

An issue was discovered in the HDF HDF5 1.8.20 library. Rated critical severity (CVSS 9.8), this vulnerability is remote

CVE-2018-13869 CRITICAL POC
9.8 Jul 10

An issue was discovered in the HDF HDF5 1.8.20 library. Rated critical severity (CVSS 9.8), this vulnerability is remote

CVE-2018-13868 CRITICAL POC
9.8 Jul 10

An issue was discovered in the HDF HDF5 1.8.20 library. Rated critical severity (CVSS 9.8), this vulnerability is remote

CVE-2018-13867 CRITICAL POC
9.8 Jul 10

An issue was discovered in the HDF HDF5 1.8.20 library. Rated critical severity (CVSS 9.8), this vulnerability is remote

CVE-2018-13866 CRITICAL POC
9.8 Jul 10

An issue was discovered in the HDF HDF5 1.8.20 library. Rated critical severity (CVSS 9.8), this vulnerability is remote

CVE-2017-17509 HIGH POC
8.8 Dec 11

In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5G__ent_decode_vec in H5Gcache.c in libhd

CVE-2019-9152 HIGH POC
8.8 Feb 25

An issue was discovered in the HDF HDF5 1.10.4 library. Rated high severity (CVSS 8.8), this vulnerability is remotely e

Share

CVE-2024-32614 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy