Multiple vulnerabilities in HDF5
| Risk | High |
| Patch available | NO |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2017-17505 CVE-2017-17506 CVE-2017-17507 CVE-2017-17508 CVE-2017-17509 |
| CWE-ID | CWE-476 CWE-125 CWE-369 CWE-787 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
HDF5 Universal components / Libraries / Libraries used by multiple products |
| Vendor | HDF Group |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) NULL pointer dereference
EUVDB-ID: #VU37766
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2017-17505
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dreference error in H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file. A remote attacker can perform a denial of service (DoS) attack.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsHDF5: 1.10.1
CPE2.3 External linkshttps://github.com/xiaoqx/pocs/tree/master/hdf5/readme.md
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Out-of-bounds read
EUVDB-ID: #VU37767
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2017-17506
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5Opline_pline_decode in H5Opline.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
MitigationInstall update from vendor's website.
Vulnerable software versionsHDF5: 1.10.1
CPE2.3 External linkshttps://github.com/xiaoqx/pocs/tree/master/hdf5/readme.md
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Out-of-bounds read
EUVDB-ID: #VU37768
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2017-17507
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5T_conv_struct_opt in H5Tconv.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
MitigationInstall update from vendor's website.
Vulnerable software versionsHDF5: 1.10.1
CPE2.3 External linkshttps://github.com/xiaoqx/pocs/tree/master/hdf5/readme.md
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Division by zero
EUVDB-ID: #VU37769
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2017-17508
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform denial of service attack.
The vulnerability exists due to division by zero error when processing untrusted input in the H5T.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file. A remote attacker can perform denial of service attack.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsHDF5: 1.10.1
CPE2.3 External linkshttps://github.com/xiaoqx/pocs/tree/master/hdf5/readme.md
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Out-of-bounds write
EUVDB-ID: #VU37770
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-17509
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5G__ent_decode_vec in H5Gcache.c in libhdf5.a. For example, h5dump would crash or possibly have unspecified other impact someone opens a crafted hdf5 file.
MitigationInstall update from vendor's website.
Vulnerable software versionsHDF5: 1.10.1
CPE2.3 External linkshttps://github.com/xiaoqx/pocs/tree/master/hdf5/readme.md
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
