SUSE update for hdf5



| Updated: 2023-03-09
Risk High
Patch available YES
Number of vulnerabilities 11
CVE-ID CVE-2018-11205
CVE-2018-13867
CVE-2018-14031
CVE-2018-16438
CVE-2018-17439
CVE-2019-8396
CVE-2020-10812
CVE-2021-45830
CVE-2021-45833
CVE-2021-46242
CVE-2021-46244
CWE-ID CWE-125
CWE-119
CWE-476
CWE-122
CWE-121
CWE-416
CWE-369
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		SUSE Linux Enterprise High Performance Computing
Operating systems & Components / Operating system

hdf5-hpc-examples
Operating systems & Components / Operating system package or component

hdf5-gnu-openmpi3-hpc-devel
Operating systems & Components / Operating system package or component

hdf5-gnu-openmpi3-hpc
Operating systems & Components / Operating system package or component

hdf5-gnu-openmpi2-hpc-devel
Operating systems & Components / Operating system package or component

hdf5-gnu-openmpi2-hpc
Operating systems & Components / Operating system package or component

hdf5-gnu-mvapich2-hpc-devel
Operating systems & Components / Operating system package or component

hdf5-gnu-mvapich2-hpc
Operating systems & Components / Operating system package or component

hdf5-gnu-mpich-hpc-devel
Operating systems & Components / Operating system package or component

hdf5-gnu-mpich-hpc
Operating systems & Components / Operating system package or component

hdf5-gnu-hpc-devel
Operating systems & Components / Operating system package or component

hdf5-gnu-hpc
Operating systems & Components / Operating system package or component

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc
Operating systems & Components / Operating system package or component

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc
Operating systems & Components / Operating system package or component

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc
Operating systems & Components / Operating system package or component

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc
Operating systems & Components / Operating system package or component

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5hl_fortran_1_10_8-gnu-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl_fortran-gnu-openmpi3-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl_fortran-gnu-openmpi2-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl_fortran-gnu-mvapich2-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl_fortran-gnu-mpich-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl_fortran-gnu-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_hl_cpp_1_10_8-gnu-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl_cpp-gnu-openmpi3-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl_cpp-gnu-openmpi2-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl_cpp-gnu-mvapich2-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl_cpp-gnu-mpich-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl_cpp-gnu-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl_1_10_8-gnu-openmpi3-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_hl_1_10_8-gnu-openmpi3-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_hl_1_10_8-gnu-openmpi2-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_hl_1_10_8-gnu-mvapich2-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_hl_1_10_8-gnu-mpich-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl_1_10_8-gnu-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_hl_1_10_8-gnu-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl-gnu-openmpi3-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl-gnu-openmpi2-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl-gnu-mvapich2-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl-gnu-mpich-hpc
Operating systems & Components / Operating system package or component

libhdf5_hl-gnu-hpc
Operating systems & Components / Operating system package or component

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc
Operating systems & Components / Operating system package or component

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc
Operating systems & Components / Operating system package or component

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc
Operating systems & Components / Operating system package or component

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_fortran_1_10_8-gnu-mpich-hpc
Operating systems & Components / Operating system package or component

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_fortran_1_10_8-gnu-hpc
Operating systems & Components / Operating system package or component

libhdf5_fortran-gnu-openmpi3-hpc
Operating systems & Components / Operating system package or component

libhdf5_fortran-gnu-openmpi2-hpc
Operating systems & Components / Operating system package or component

libhdf5_fortran-gnu-mvapich2-hpc
Operating systems & Components / Operating system package or component

libhdf5_fortran-gnu-mpich-hpc
Operating systems & Components / Operating system package or component

libhdf5_fortran-gnu-hpc
Operating systems & Components / Operating system package or component

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc
Operating systems & Components / Operating system package or component

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc
Operating systems & Components / Operating system package or component

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc
Operating systems & Components / Operating system package or component

libhdf5_cpp_1_10_8-gnu-mpich-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_cpp_1_10_8-gnu-mpich-hpc
Operating systems & Components / Operating system package or component

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_cpp_1_10_8-gnu-hpc
Operating systems & Components / Operating system package or component

libhdf5_cpp-gnu-openmpi3-hpc
Operating systems & Components / Operating system package or component

libhdf5_cpp-gnu-openmpi2-hpc
Operating systems & Components / Operating system package or component

libhdf5_cpp-gnu-mvapich2-hpc
Operating systems & Components / Operating system package or component

libhdf5_cpp-gnu-mpich-hpc
Operating systems & Components / Operating system package or component

libhdf5_cpp-gnu-hpc
Operating systems & Components / Operating system package or component

libhdf5_1_10_8-gnu-openmpi3-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_1_10_8-gnu-openmpi3-hpc
Operating systems & Components / Operating system package or component

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_1_10_8-gnu-openmpi2-hpc
Operating systems & Components / Operating system package or component

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_1_10_8-gnu-mvapich2-hpc
Operating systems & Components / Operating system package or component

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_1_10_8-gnu-mpich-hpc
Operating systems & Components / Operating system package or component

libhdf5_1_10_8-gnu-hpc-debuginfo
Operating systems & Components / Operating system package or component

libhdf5_1_10_8-gnu-hpc
Operating systems & Components / Operating system package or component

libhdf5-gnu-openmpi3-hpc
Operating systems & Components / Operating system package or component

libhdf5-gnu-openmpi2-hpc
Operating systems & Components / Operating system package or component

libhdf5-gnu-mvapich2-hpc
Operating systems & Components / Operating system package or component

libhdf5-gnu-mpich-hpc
Operating systems & Components / Operating system package or component

libhdf5-gnu-hpc
Operating systems & Components / Operating system package or component

hdf5_1_10_8-hpc-examples
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-openmpi3-hpc-module
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-openmpi3-hpc-devel-static
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-openmpi3-hpc-devel
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-openmpi3-hpc-debugsource
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-openmpi3-hpc-debuginfo
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-openmpi3-hpc
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-openmpi2-hpc-module
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-openmpi2-hpc-devel
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-openmpi2-hpc
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-mvapich2-hpc-module
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-mvapich2-hpc-devel
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-mvapich2-hpc
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-mpich-hpc-module
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-mpich-hpc-devel-static
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-mpich-hpc-devel
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-mpich-hpc-debugsource
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-mpich-hpc-debuginfo
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-mpich-hpc
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-hpc-module
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-hpc-devel-static
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-hpc-devel
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-hpc-debugsource
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-hpc-debuginfo
Operating systems & Components / Operating system package or component

hdf5_1_10_8-gnu-hpc
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 11 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU37127

Risk: High

CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-11205

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to #BASIC_IMPACT#.

A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.

Mitigation

Update the affected package hdf5 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-SP2-ESPOS - 15-SP2-LTSS

hdf5-hpc-examples: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-hpc-examples: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223826-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU36915

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-13867

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5F__accum_read in H5Faccum.c.

Mitigation

Update the affected package hdf5 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-SP2-ESPOS - 15-SP2-LTSS

hdf5-hpc-examples: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-hpc-examples: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223826-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

EUVDB-ID: #VU36906

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-14031

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read in the function H5T_copy in H5T.c. A remote attacker can perform a denial of service attack.

Mitigation

Update the affected package hdf5 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-SP2-ESPOS - 15-SP2-LTSS

hdf5-hpc-examples: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-hpc-examples: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223826-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds read

EUVDB-ID: #VU36732

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16438

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c.

Mitigation

Update the affected package hdf5 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-SP2-ESPOS - 15-SP2-LTSS

hdf5-hpc-examples: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-hpc-examples: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223826-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Buffer overflow

EUVDB-ID: #VU36618

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-17439

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file.

Mitigation

Update the affected package hdf5 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-SP2-ESPOS - 15-SP2-LTSS

hdf5-hpc-examples: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-hpc-examples: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223826-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Buffer overflow

EUVDB-ID: #VU68914

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-8396

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the H5O__layout_encode function in H5Olayout.c. A remote attacker can pass specially crafted data to the application, trigger a buffer buffer overflow and perform a denial of service (DoS) attack.

Mitigation

Update the affected package hdf5 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-SP2-ESPOS - 15-SP2-LTSS

hdf5-hpc-examples: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-hpc-examples: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223826-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) NULL pointer dereference

EUVDB-ID: #VU26296

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-10812

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the H5F_get_nrefs() function in H5Fquery.c. A remote attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected package hdf5 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-SP2-ESPOS - 15-SP2-LTSS

hdf5-hpc-examples: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-hpc-examples: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223826-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Heap-based buffer overflow

EUVDB-ID: #VU68912

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-45830

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the H5F_addr_decode_len() function in /hdf5/src/H5Fint.c. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and perform a denial of service (DoS) attack.

Mitigation

Update the affected package hdf5 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-SP2-ESPOS - 15-SP2-LTSS

hdf5-hpc-examples: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-hpc-examples: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223826-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Stack-based buffer overflow

EUVDB-ID: #VU68911

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-45833

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in within the H5D__create_chunk_file_map_hyper() function in /hdf5/src/H5Dchunk.c. A remote attacker can send specially crafted data to the application, trigger a stack-based buffer overflow and perform a denial of service (DoS) attack.

Mitigation

Update the affected package hdf5 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-SP2-ESPOS - 15-SP2-LTSS

hdf5-hpc-examples: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-hpc-examples: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223826-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Use-after-free

EUVDB-ID: #VU68908

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-46242

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error within the H5AC_unpin_entry component. A remote attacker can pass specially crafted input to the application, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Update the affected package hdf5 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-SP2-ESPOS - 15-SP2-LTSS

hdf5-hpc-examples: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-hpc-examples: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223826-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Division by zero

EUVDB-ID: #VU68907

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-46244

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a divide by zero error within the H5T__complete_copy() function in /hdf5/src/H5T.c. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.

Mitigation

Update the affected package hdf5 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-SP2-ESPOS - 15-SP2-LTSS

hdf5-hpc-examples: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_hl-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_fortran-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_cpp-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

libhdf5-gnu-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-hpc-examples: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi3-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150200.8.7.1

hdf5_1_10_8-gnu-hpc: before 1.10.8-150200.8.7.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223826-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###