A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FL__malloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/HDFGroup/hdf5/issues/5578 | Exploit Issue Tracking Third Party Advisory |
https://github.com/user-attachments/files/20623530/hdf5_crash_10.txt | Exploit |
https://vuldb.com/?ctiid.314903 | Permissions Required |
https://vuldb.com/?id.314903 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.602537 | Third Party Advisory VDB Entry |
https://github.com/HDFGroup/hdf5/issues/5578 | Exploit Issue Tracking Third Party Advisory |
Configurations
History
09 Jul 2025, 17:36
Type | Values Removed | Values Added |
---|---|---|
First Time |
Hdfgroup hdf5
Hdfgroup |
|
CPE | cpe:2.3:a:hdfgroup:hdf5:1.14.6:*:*:*:*:*:*:* | |
References | () https://github.com/HDFGroup/hdf5/issues/5578 - Exploit, Issue Tracking, Third Party Advisory | |
References | () https://github.com/user-attachments/files/20623530/hdf5_crash_10.txt - Exploit | |
References | () https://vuldb.com/?ctiid.314903 - Permissions Required | |
References | () https://vuldb.com/?id.314903 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.602537 - Third Party Advisory, VDB Entry |
08 Jul 2025, 14:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
References | () https://github.com/HDFGroup/hdf5/issues/5578 - |
04 Jul 2025, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-07-04 21:15
Updated : 2025-07-09 17:36
NVD link : CVE-2025-7068
Mitre link : CVE-2025-7068
CVE.ORG link : CVE-2025-7068
JSON object : View
Products Affected
hdfgroup
- hdf5