Skip to main content

OSGeo GDAL CVE-2026-8084

| EUVDEUVD-2026-28417 LOW
Out-of-bounds Read (CWE-125)
2026-05-07 VulDB GHSA-jmvp-7877-wr2f
1.9
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
1.9 LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
Source Code Evidence Fetched
May 07, 2026 - 19:48 vuln.today
Analysis Generated
May 07, 2026 - 19:48 vuln.today
CVSS changed
May 07, 2026 - 19:22 NVD
3.3 (LOW) 1.9 (LOW)
CVE Published
May 07, 2026 - 18:30 nvd
LOW 1.9

DescriptionCVE.org

A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. Upgrading to version 3.13.0RC1 is able to resolve this issue. Patch name: a791f70f8eaec540974ec989ca6fb00266b7646c. Upgrading the affected component is advised.

AnalysisAI

Out-of-bounds read in OSGeo GDAL up to version 3.13.0dev-4 occurs in the HDF-EOS Grid File Handler when parsing malformed HDF4 files, allowing local authenticated attackers to read memory beyond buffer bounds. The vulnerability exists in the memmove operation within SWapi.c and GDapi.c that processes field information without proper bounds validation. Vendor-released patch available in version 3.13.0RC1; publicly available exploit code exists.

Technical ContextAI

GDAL (Geospatial Data Abstraction Library) is an open-source library for reading and writing raster and vector geospatial data formats. The vulnerability resides in the HDF-EOS (Hierarchical Data Format-Earth Observing System) Grid File Handler component, specifically in functions that parse field metadata from HDF4 files. The vulnerable code performs a memmove operation to strip parentheses from field name strings without validating string length, leading to CWE-125 (Out-of-bounds Read). When a malformed HDF4 file contains a field name string shorter than two characters (e.g., a single character or empty string), the memmove call with a negative or zero length parameter causes reads beyond the allocated buffer. The fix validates string length and checks for parentheses before performing the memory operation, preventing the out-of-bounds read.

RemediationAI

Upgrade GDAL to version 3.13.0RC1 or later, which includes patch a791f70f8eaec540974ec989ca6fb00266b7646c. If upgrading is not immediately feasible, restrict file processing to trusted HDF4 sources and disable HDF4 driver support in GDAL if not required (via compilation options or runtime driver filtering). Additionally, apply operating system-level access controls to limit which users can execute GDAL and supply input files, reducing the attack surface to privileged or system administrators. Monitor GDAL usage logs for attempts to process malformed HDF4 files. See https://github.com/OSGeo/gdal/releases/tag/v3.13.0RC1 for release notes and https://github.com/OSGeo/gdal/commit/a791f70f8eaec540974ec989ca6fb00266b7646c for technical details of the fix.

More in Gdal

View all
CVE-2019-17545 CRITICAL
9.8 Oct 14

GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exce

CVE-2025-29480 MEDIUM POC
5.5 Apr 07

Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialRefe

CVE-2026-4738 CRITICAL
9.4 Mar 24

A buffer overflow vulnerability in GDAL versions before 3.11.0 within the zlib infback9 module allows remote attackers t

CVE-2019-17546 HIGH
8.8 Oct 14

tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that

CVE-2026-49014 HIGH
7.4 May 27

Arbitrary code execution in GDAL 3.1.0 through 3.13.0 is reachable through the netCDF driver, where scanForGeometryConta

CVE-2026-8213 LOW POC
1.9 May 09

Heap-based buffer overflow in OSGeo GDAL's Grid File Handler (GDSDfldsrch function in frmts/hdf4/hdf-eos/GDapi.c) affect

CVE-2026-8212 LOW POC
1.9 May 09

Heap-based buffer overflow in GDAL's HDF4-EOS SWSDfldsrch function (frmts/hdf4/hdf-eos/SWapi.c) allows local authenticat

CVE-2026-8087 LOW POC
1.9 May 07

Heap-based buffer overflow in OSGeo GDAL up to version 3.13.0dev-4 allows local authenticated attackers to corrupt memor

CVE-2026-8086 LOW POC
1.9 May 07

Heap-based buffer overflow in OSGeo GDAL up to 3.13.0dev-4 within the SWnentries function of the HDF4-EOS module allows

CVE-2026-8088 LOW POC
1.9 May 07

Out-of-bounds read in OSGeo GDAL up to version 3.13.0dev-4 affects the GDfieldinfo function in HDF-EOS module when proce

Share

CVE-2026-8084 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy