Memory Segmentation Fault in HDF5 Library Affecting Multiple Products
CVE-2024-32614

8.8HIGH

Key Information:

Vendor: HDF Group
Status: Hdf5
Vendor: CVE Published:; 14 May 2024

What is CVE-2024-32614?

A vulnerability exists in the HDF5 Library, where a segmentation fault (SEGV) occurs in the H5VM_memcpyvv function within H5VM.c. This flaw impacts the stability of applications using the library, potentially leading to unforeseen behavior or crashes during execution. Users are advised to update to the latest version, as this vulnerability has been addressed in version 1.14.4.

References

https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixe...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2024

HDF Group

What is CVE-2024-32614?

References

CVSS V3.1

Timeline