Note:
This project will be discontinued after December 13, 2021. [more]
2018-09-24
Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
| Products | Hdf5 |
| Type | Missing Release of Resource after Effective Lifetime (CWE-772) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://lists.debian.org/debian-lts-announce/2023/08/msg00009.html
• https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln5#memory-leak-in-h5o_dtype_decode_helper |