Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

SUSE: 2022:1933-1 Important: HDF5 Security Issues Fixed

suse
Calendar Grey June 3, 2022
Dist Suse Esm H88
Discover key updates from SUSE's latest release addressing 27 security vulnerabilities in both the hdf5 and suse-hpc modules, ensuring enhanced stability and protection.
An update that solves 27 vulnerabilities, contains four features and has 17 fixes is now available

Summary

This update for hdf5, suse-hpc fixes the following issues: Security issues fixed: - CVE-2020-10811: Fixed heap-based buffer over-read in the function H5O__layout_decode() located in H5Olayout.c (bsc#1167405). - CVE-2020-10810: Fixed NULL pointer dereference in the function H5AC_unpin_entry() located in H5AC.c (bsc#1167401). - CVE-2020-10809: Fixed heap-based buffer overflow in the function Decompress() located in decompress.c (bsc#1167404). - CVE-2018-17438: Fixed SIGFPE signal raise in the function H5D__select_io() of H5Dselect.c (bsc#1109570). - CVE-2018-17437: Fixed memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c. (bsc#1109569). - CVE-2018-17436: Fixed issue in ReadCode() in decompress.c that allowed attackers to cause a denial of service via a crafted HDF5 file

Topics%20covered

Topics Covered

security advisory denial of service buffer overflow important memory leak hdf5 suse-hpc

References

#1058563 #1072087 #1072090 #1072108 #1072111

#1080022 #1080259 #1080426 #1080442 #1082209

#1084951 #1088547 #1091237 #1093641 #1093649

#1093653 #1093655 #1093657 #1101471 #1101474

#1101493 #1101495 #1102175 #1109166 #1109167

#1109168 #1109564 #1109565 #1109566 #1109567

#1109568 #1109569 #1109570 #1116458 #1124509

#1133222 #1134298 #1167401 #1167404 #1167405

#1169793 #1174439 #1179521 #1196682 SLE-7766

SLE-7773 SLE-8501 SLE-8604

Cross- CVE-2017-17505 CVE-2017-17506 CVE-2017-17508

CVE-2017-17509 CVE-2018-11202 CVE-2018-11203

CVE-2018-11204 CVE-2018-11206 CVE-2018-11207

CVE-2018-13869 CVE-2018-13870 CVE-2018-14032

CVE-2018-14033 CVE-2018-14460 CVE-2018-17233

CVE-2018-17234 CVE-2018-17237 CVE-2018-17432

...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:1933-1
Rating: important

Topics%20covered

Topics Covered

security advisory denial of service buffer overflow important memory leak hdf5 suse-hpc

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here