CVE-2016-4331

NameCVE-2016-4331
DescriptionWhen decoding data out of a dataset encoded with the H5Z_NBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-771-1, DSA-3727-1
NVD severitymedium (attack range: local)
Debian Bugs845301

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
hdf5 (PTS)wheezy1.8.8-9vulnerable
wheezy (security)1.8.8-9+deb7u1fixed
jessie (security), jessie1.8.13+docs-15+deb8u1fixed
stretch1.10.0-patch1+docs-3fixed
buster, sid1.10.0-patch1+docs-4fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
hdf5source(unstable)1.10.0-patch1+docs-1medium845301
hdf5sourcejessie1.8.13+docs-15+deb8u1mediumDSA-3727-1
hdf5sourcewheezy1.8.8-9+deb7u1mediumDLA-771-1

Notes

http://www.talosintelligence.com/reports/TALOS-2016-0177/
Fixed by: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/e1c4ec3d541eecda78b3afcb1a0fa071c4b52afa
Fixed by: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/43ec23616697ce0ea3f99e40900fec55fe9107ef

Search for package or bug name: Reporting problems