SUSE update for hdf5, suse-hpc



Published: 2022-06-15 | Updated: 2023-03-09
Risk: High
Patch available: YES
Number of vulnerabilities: 26
CVE-ID: CVE-2017-17505, CVE-2017-17506, CVE-2017-17508, CVE-2017-17509, CVE-2018-11202, CVE-2018-11203, CVE-2018-11204, CVE-2018-11206, CVE-2018-11207, CVE-2018-13869, CVE-2018-13870, CVE-2018-14033, CVE-2018-14460, CVE-2018-17233, CVE-2018-17234, CVE-2018-17237, CVE-2018-17432, CVE-2018-17433, CVE-2018-17434, CVE-2018-17435, CVE-2018-17436, CVE-2018-17437, CVE-2018-17438, CVE-2020-10809, CVE-2020-10810, CVE-2020-10811
CWE-ID: CWE-476, CWE-125, CWE-369, CWE-787, CWE-119, CWE-400, CWE-122
Exploitation vector: Network
Public exploit: N/A
Vulnerable software
SUSE Linux Enterprise High Performance Computing
Operating systems & Components / Operating system

Operating systems & Components / Operating system package or component:

hdf5-gnu-openmpi2-hpc-devel
hdf5-gnu-mvapich2-hpc-devel
hdf5-gnu-mpich-hpc-devel
hdf5-gnu-hpc-devel
libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo
libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc
libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo
libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc
libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo
libhdf5hl_fortran_1_10_8-gnu-mpich-hpc
libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo
libhdf5hl_fortran_1_10_8-gnu-hpc
libhdf5_hl_fortran-gnu-openmpi2-hpc
libhdf5_hl_fortran-gnu-mvapich2-hpc
libhdf5_hl_fortran-gnu-mpich-hpc
libhdf5_hl_fortran-gnu-hpc
libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo
libhdf5_hl_cpp_1_10_8-gnu-hpc
libhdf5_hl_cpp-gnu-hpc
libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo
libhdf5_hl_1_10_8-gnu-openmpi2-hpc
libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo
libhdf5_hl_1_10_8-gnu-mvapich2-hpc
libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo
libhdf5_hl_1_10_8-gnu-mpich-hpc
libhdf5_hl_1_10_8-gnu-hpc-debuginfo
libhdf5_hl_1_10_8-gnu-hpc
libhdf5_hl-gnu-openmpi2-hpc
libhdf5_hl-gnu-mvapich2-hpc
libhdf5_hl-gnu-mpich-hpc
libhdf5_hl-gnu-hpc
libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo
libhdf5_fortran_1_10_8-gnu-openmpi2-hpc
libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo
libhdf5_fortran_1_10_8-gnu-mvapich2-hpc
libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo
libhdf5_fortran_1_10_8-gnu-mpich-hpc
libhdf5_fortran_1_10_8-gnu-hpc-debuginfo
libhdf5_fortran_1_10_8-gnu-hpc
libhdf5_fortran-gnu-openmpi2-hpc
libhdf5_fortran-gnu-mvapich2-hpc
libhdf5_fortran-gnu-mpich-hpc
libhdf5_fortran-gnu-hpc
libhdf5_cpp_1_10_8-gnu-hpc-debuginfo
libhdf5_cpp_1_10_8-gnu-hpc
libhdf5_cpp-gnu-hpc
libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo
libhdf5_1_10_8-gnu-openmpi2-hpc
libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo
libhdf5_1_10_8-gnu-mvapich2-hpc
libhdf5_1_10_8-gnu-mpich-hpc-debuginfo
libhdf5_1_10_8-gnu-mpich-hpc
libhdf5_1_10_8-gnu-hpc-debuginfo
libhdf5_1_10_8-gnu-hpc
libhdf5-gnu-openmpi2-hpc
libhdf5-gnu-mvapich2-hpc
libhdf5-gnu-mpich-hpc
libhdf5-gnu-hpc
hdf5_1_10_8-gnu-openmpi2-hpc-module
hdf5_1_10_8-gnu-openmpi2-hpc-devel-static
hdf5_1_10_8-gnu-openmpi2-hpc-devel
hdf5_1_10_8-gnu-openmpi2-hpc-debugsource
hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo
hdf5_1_10_8-gnu-openmpi2-hpc
hdf5_1_10_8-gnu-mvapich2-hpc-module
hdf5_1_10_8-gnu-mvapich2-hpc-devel-static
hdf5_1_10_8-gnu-mvapich2-hpc-devel
hdf5_1_10_8-gnu-mvapich2-hpc-debugsource
hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo
hdf5_1_10_8-gnu-mvapich2-hpc
hdf5_1_10_8-gnu-mpich-hpc-module
hdf5_1_10_8-gnu-mpich-hpc-devel-static
hdf5_1_10_8-gnu-mpich-hpc-devel
hdf5_1_10_8-gnu-mpich-hpc-debugsource
hdf5_1_10_8-gnu-mpich-hpc-debuginfo
hdf5_1_10_8-gnu-mpich-hpc
hdf5_1_10_8-gnu-hpc-module
hdf5_1_10_8-gnu-hpc-devel-static
hdf5_1_10_8-gnu-hpc-devel
hdf5_1_10_8-gnu-hpc-debugsource
hdf5_1_10_8-gnu-hpc-debuginfo
hdf5_1_10_8-gnu-hpc

Vendor SUSE

Security Bulletin

This security bulletin contains information about 26 vulnerabilities.

1) NULL pointer dereference

EUVDB-ID: #VU37766

Risk: Medium

CVSSv3.1: 5.7 [AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-17505

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file. A remote attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU37767

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-17506

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5Opline_pline_decode in H5Opline.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

All hdf5 packages listed under "Vulnerable software versions" for vulnerability 1) above: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Division by zero

EUVDB-ID: #VU37769

Risk: Medium

CVSSv3.1: 5.7 [AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-17508

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error when processing untrusted input in the H5T.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file. A remote attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

All hdf5 packages listed under "Vulnerable software versions" for vulnerability 1) above: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds write

EUVDB-ID: #VU37770

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-17509

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

In HDF5 1.10.1, there is an out-of-bounds write vulnerability in the function H5G__ent_decode_vec in H5Gcache.c in libhdf5.a. For example, h5dump would crash or possibly have unspecified other impact when someone opens a crafted hdf5 file.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) NULL pointer dereference

EUVDB-ID: #VU37124

Risk: Medium

CVSSv3.1: 5.7 [AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-11202

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in H5S_hyper_make_spans in H5Shyper.c in the HDF HDF5 1.10.2 library. A remote attacker can use it to perform a denial of service (DoS) attack.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Division by zero

EUVDB-ID: #VU37125

Risk: Medium

CVSSv3.1: 5.7 [AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-11203

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a division by zero error within . A remote attacker can pass specially crafted data to the application and crash it.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) NULL pointer dereference

EUVDB-ID: #VU37126

Risk: Medium

CVSSv3.1: 5.7 [AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-11204

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in H5O__chunk_deserialize in H5Ocache.c in the HDF HDF5 1.10.2 library. A remote attacker can use it to perform a denial of service (DoS) attack.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Out-of-bounds read

EUVDB-ID: #VU37128

Risk: High

CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-11206

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to cause a denial of service or disclose information.

An out-of-bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Division by zero

EUVDB-ID: #VU37129

Risk: Medium

CVSSv3.1: 5.7 [AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-11207

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a division by zero error within . A remote attacker can pass specially crafted data to the application and crash it.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Buffer overflow

EUVDB-ID: #VU36917

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-13869

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5O_link_decode in H5Olink.c.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Out-of-bounds read

EUVDB-ID: #VU36918

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-13870

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a heap-based buffer over-read in the function H5O_link_decode in H5Olink.c. A remote attacker can perform a denial of service attack.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Out-of-bounds read

EUVDB-ID: #VU36907

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-14033

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy. A remote attacker can perform a denial of service attack.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Out-of-bounds read

EUVDB-ID: #VU36838

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-14460

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c. A remote attacker can perform a denial of service attack.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Division by zero

EUVDB-ID: #VU63930

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-17233

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a division by zero error in the H5D__create_chunk_file_map_hyper() function of H5Dchunk.c in HDF HDF5. A remote attacker can trick the victim into opening a specially crafted HDF file and perform a denial of service attack.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Resource exhaustion

EUVDB-ID: #VU63931

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-17234

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 library. A remote attacker can trick the victim into opening a specially crafted HDF5 file and perform a denial of service attack.

Mitigation

Update the affected packages (hdf5, suse-hpc) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Division by zero

EUVDB-ID: #VU63932

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-17237

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a division by zero error in the function H5D__chunk_set_info_real() of H5Dchunk.c in the HDF HDF5 library. A remote attacker can trick the victim into opening a specially crafted HDF file and perform a denial of service attack.

Mitigation

Update the affected packages (hdf5, suse-hpc) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) NULL pointer dereference

EUVDB-ID: #VU63934

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-17432

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 library. A remote attacker can trick the victim into opening a specially crafted HDF5 file and perform a denial of service attack.

Mitigation

Update the affected packages (hdf5, suse-hpc) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Heap-based buffer overflow

EUVDB-ID: #VU63935

Risk: Medium

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-17433

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a boundary error in ReadGifImageDesc() in gifread.c in the HDF HDF5 library when converting a GIF file to an HDF file. A remote attacker can trick the victim into opening a specially crafted HDF5 file and perform a denial of service attack.

Mitigation

Update the affected packages (hdf5, suse-hpc) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Division by zero

EUVDB-ID: #VU63937

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-17434

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a division by zero error in the function apply_filters() of h5repack_filters.c in the HDF HDF5 library. A remote attacker can trick the victim into opening a specially crafted HDF file and perform a denial of service attack.

Mitigation

Update the affected packages (hdf5, suse-hpc) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Out-of-bounds read

EUVDB-ID: #VU63938

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-17435

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the H5O_attr_decode() function in H5Oattr.c in HDF5 when converting an HDF file to a GIF file. A remote attacker can trick the victim into opening a specially crafted HDF5 file and perform a denial of service attack.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Out-of-bounds write

EUVDB-ID: #VU63940

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-17436

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a boundary error in the ReadCode() function in decompress.c in HDF5. A remote attacker can trick the victim into opening a specially crafted HDF file, trigger an out-of-bounds write, and perform a denial of service attack.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Resource exhaustion

EUVDB-ID: #VU63941

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-17437

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists because the application does not properly control consumption of internal resources in the H5O_dtype_decode_helper() function in H5Odtype.c in HDF5. A remote attacker can trick the victim into opening a specially crafted HDF5 file and perform a denial of service attack.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Division by zero

EUVDB-ID: #VU63943

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-17438

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a division by zero error in the H5D__select_io() function of H5Dselect.c in HDF5. A remote attacker can trick the victim into opening a specially crafted HDF file and perform a denial of service attack.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Heap-based buffer overflow

EUVDB-ID: #VU26294

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-10809

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the Decompress() function in decompress.c. A remote attacker can send a crafted file to the gif2h5 binary, trigger a heap-based buffer overflow, and perform a denial of service (DoS) attack.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) NULL pointer dereference

EUVDB-ID: #VU26293

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-10810

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the H5AC_unpin_entry() function located in H5AC.c. A remote attacker can trigger the dereference and perform a denial of service (DoS) attack.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Out-of-bounds read

EUVDB-ID: #VU26295

Risk: Low

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-10811

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the H5O__layout_decode() function in H5Olayout.c. A remote attacker can pass specially crafted data to the application, trigger an out-of-bounds read error, and read the contents of memory on the system or perform a denial of service attack.

Mitigation

Update the affected package hdf5, suse-hpc to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS

hdf5-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5-gnu-hpc-devel: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5hl_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_hl_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_hl-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_fortran_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_fortran-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_cpp_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_cpp-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

libhdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

libhdf5-gnu-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-openmpi2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mvapich2-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-mpich-hpc: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-module: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel-static: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-devel: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debugsource: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc-debuginfo: before 1.10.8-150000.8.4.3

hdf5_1_10_8-gnu-hpc: before 1.10.8-150000.8.4.3

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221911-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


