Heap-Based Buffer Overflow Vulnerability in HDF5 by The HDF Group
CVE-2025-2153
2.3 LOW
What is CVE-2025-2153?
A heap-based buffer overflow vulnerability exists in HDF5 version 1.14.6, specifically in the H5SM_delete function of the h5 File Handler. The flaw can be exploited remotely and may lead to data corruption and unauthorized access. Attack complexity is notably high, and exploitation requires advanced knowledge. The exploit has been made public, which increases the risk for systems running this software version.
Affected Version(s)
HDF5 1.14.6