In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade Debian:unstable
hdf5
to version 1.14.5+repack-1 or higher.
Note: Versions mentioned in the description apply only to the upstream hdf5
package and not the hdf5
package as distributed by Debian
.
See How to fix?
for Debian:unstable
relevant fixed versions and status.
HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5HG_read in H5HG.c (called from H5VL__native_blob_get in H5VLnative_blob.c), resulting in the corruption of the instruction pointer.