CVE-2025-2913
HDF5 H5FL.c H5FL__blk_gc_list use after free
We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
HDF5 H5FL.c H5FL__blk_gc_list use after free
A vulnerability was found in HDF5 up to 1.14.6. It has been rated as problematic. Affected by this issue is the function H5FL__blk_gc_list of the file src/H5FL.c. The manipulation of the argument H5FL_blk_head_t leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
Eine problematische Schwachstelle wurde in HDF5 bis 1.14.6 ausgemacht. Es geht hierbei um die Funktion H5FL__blk_gc_list der Datei src/H5FL.c. Mit der Manipulation des Arguments H5FL_blk_head_t mit unbekannten Daten kann eine use after free-Schwachstelle ausgenutzt werden. Der Angriff muss lokal passieren. Der Exploit steht zur öffentlichen Verfügung.
| 2025-03-28: | Advisory disclosed |
| 2025-03-28: | VulDB entry created |
| 2025-03-28: | VulDB entry last update |
vuldb.com/?id.301886 (VDB-301886 | HDF5 H5FL.c H5FL__blk_gc_list use after free)
vuldb.com/?ctiid.301886 (VDB-301886 | CTI Indicators (IOB, IOC, IOA))
vuldb.com/?submit.520404 (Submit #520404 | https://github.com/HDFGroup/hdf5 HDF5 v1.14.6 Use After Free)
github.com/HDFGroup/hdf5/issues/5376
Support options
