CVE-2016-4332

Name: CVE-2016-4332
Description: Because the library fails to check whether certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type, and the library will write outside the bounds of the heap buffer. This can lead to code execution under the context of the library.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
References: DLA-771-1, DSA-3727-1
NVD severity: medium
Debian Bugs: 845301

Vulnerable and fixed packages

The table below lists information on source packages.

| Source Package | Release | Version | Status |
|---|---|---|---|
| hdf5 (PTS) | stretch | 1.10.0-patch1+docs-3+deb9u1 | fixed |
| | buster | 1.10.4+repack-10 | fixed |
| | bullseye | 1.10.6+repack-4+deb11u1 | fixed |
| | bookworm, sid | 1.10.7+repack-4 | fixed |

The information below is based on the following data on fixed versions.

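| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| hdf5 | source | wheezy | 1.8.8-9+deb7u1 | | DLA-771-1 | |
| hdf5 | source | jessie | 1.8.13+docs-15+deb8u1 | | DSA-3727-1 | |
| hdf5 | source | (unstable) | 1.10.0-patch1+docs-1 | | | 845301 |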

Notes

http://www.talosintelligence.com/reports/TALOS-2016-0178/
Fixed by: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/e1d50d498a0affbbd6e088b524fd495ea95dea88
