#VU12155 Heap-based buffer overflow in HDF5 - CVE-2016-4333

Cybersecurity Help s.r.o.

Published: 2018-04-25

Vulnerability identifier: #VU12155

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2016-4333

CWE-ID: CWE-122

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
HDF5
Universal components / Libraries / Libraries used by multiple products

Vendor: HDF Group

Description
The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to the library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. A local attacker can cause the loop's index to point outside the bounds of the array when initializing it, trigger heap-based buffer overflow and execute arbitrary code with root privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation
Install update from vendor's website.

Vulnerable software versions

HDF5: 1.8.16

External links
https://www.talosintelligence.com/reports/TALOS-2016-0179/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

OpenSUSE Linux update for hdf5

Gentoo update for HDF5

Fedora 25 update for hdf5

Fedora EPEL 6 update for hdf5

Fedora EPEL 7 update for hdf5

Debian update for hdf5