CVE-2016-4330

NameCVE-2016-4330
DescriptionIn the HDF5 1.8.16 library's failure to check if the number of dimensions for an array read from the file is within the bounds of the space allocated for it, a heap-based buffer overflow will occur, potentially leading to arbitrary code execution.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-771-1, DSA-3727-1
NVD severitymedium (attack range: local)
Debian Bugs845301

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
hdf5 (PTS)wheezy1.8.8-9vulnerable
wheezy (security)1.8.8-9+deb7u1fixed
jessie (security), jessie1.8.13+docs-15+deb8u1fixed
stretch1.10.0-patch1+docs-3fixed
buster, sid1.10.0-patch1+docs-4fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
hdf5source(unstable)1.10.0-patch1+docs-1medium845301
hdf5sourcejessie1.8.13+docs-15+deb8u1mediumDSA-3727-1
hdf5sourcewheezy1.8.8-9+deb7u1mediumDLA-771-1

Notes

http://www.talosintelligence.com/reports/TALOS-2016-0176/
Fixed by: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/2e7e1899d3d7131bcbad65233ba713f6b79e2d69

Search for package or bug name: Reporting problems