CVE-2018-17436

Published: 9/24/2018 Last updated: 8/5/2024 Reserved: 9/24/2018

ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (1)

hdf5

Products affected (1)

Product	Vendor	Version
n/a	n/a	Open Source Branch 9.11 9.11.0 through versions before 9.11.37

References (2)

https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln8#invalid-write-memory-access-in-decompressc
https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln8#invalid-write-memory-access-in-decompressc