HDF5 H5FL.c H5FL__malloc memory leak

July 5, 2025 invoker category_cve

CVE Details

Basic Information

Title HDF5 H5FL.c H5FL__malloc memory leak
Type cve
Published 2025-07-04T20:32:06.420Z
Modified 2025-07-04T20:32:06.420Z

Product Information

Vendor n/a
Product HDF5
Version 1.14.6

CVSS Information

Base Score 4.8 (MEDIUM)
Attack Vector CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P

AI Analysis

AI Description A memory leak vulnerability in HDF5 1.14.6’s H5FL__malloc function, requiring local access with a publicly disclosed exploit.
AI Severity Medium
AI Vendor HDF Group
AI Product HDF5
AI Version 1.14.6

Affected Products

  • n/a HDF5 1.14.6

Additional Information

CWE List CWE-401, CWE-404
Source VulDB

Description

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FL__malloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.