CVE-2025-2153

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-2153

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-2153.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-2153

Related

UBUNTU-CVE-2025-2153

Published

2025-03-10T14:15:26Z

Modified

2025-03-17T05:51:52.073610Z

Severity

8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SM_delete of the file H5SM.c of the component h5 File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.

References

Affected packages

Debian:11 / hdf5

Package

Name: hdf5
Purl: pkg:deb/debian/hdf5?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.10.6+repack-4

1.10.6+repack-4+deb11u1

1.10.6+repack-5

1.10.7+repack-1

1.10.7+repack-2

1.10.7+repack-3

1.10.7+repack-4

1.10.8+repack-1

1.10.8+repack-2

1.10.8+repack-3

1.10.8+repack-4

1.10.8+repack1-1

1.10.10+repack-1

1.10.10+repack-2

1.10.10+repack-3

1.10.10+repack-3.1

1.10.10+repack-3.2

1.10.10+repack-3.2+ports

1.10.10+repack-3.3

1.10.10+repack-4

1.10.10+repack-5

1.12.0+repack-1~exp1

1.12.0+repack-1~exp2

1.12.2+repack-1~exp1

1.14.3+repack-1~exp1

1.14.3+repack1-1~exp2

1.14.3+repack1-1~exp3

1.14.4.3+repack-1~exp1

1.14.4.3+repack-1~exp2

1.14.4.3+repack-1~exp3

1.14.5+repack-1~exp1

1.14.5+repack-1~exp2

1.14.5+repack-1~exp3

1.14.5+repack-1~exp4

1.14.5+repack-1~exp5

1.14.5+repack-1~exp6

1.14.5+repack-1

1.14.5+repack-2

1.14.5+repack-3~exp1

1.14.5+repack-3~exp2

1.14.5+repack-3~exp3

1.14.5+repack-3~exp4

1.14.5+repack-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / hdf5

Package

Name: hdf5
Purl: pkg:deb/debian/hdf5?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.10.8+repack1-1

1.10.10+repack-1

1.10.10+repack-2

1.10.10+repack-3

1.10.10+repack-3.1

1.10.10+repack-3.2

1.10.10+repack-3.2+ports

1.10.10+repack-3.3

1.10.10+repack-4

1.10.10+repack-5

1.12.0+repack-1~exp1

1.12.0+repack-1~exp2

1.12.2+repack-1~exp1

1.14.3+repack-1~exp1

1.14.3+repack1-1~exp2

1.14.3+repack1-1~exp3

1.14.4.3+repack-1~exp1

1.14.4.3+repack-1~exp2

1.14.4.3+repack-1~exp3

1.14.5+repack-1~exp1

1.14.5+repack-1~exp2

1.14.5+repack-1~exp3

1.14.5+repack-1~exp4

1.14.5+repack-1~exp5

1.14.5+repack-1~exp6

1.14.5+repack-1

1.14.5+repack-2

1.14.5+repack-3~exp1

1.14.5+repack-3~exp2

1.14.5+repack-3~exp3

1.14.5+repack-3~exp4

1.14.5+repack-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / hdf5

Package

Name: hdf5
Purl: pkg:deb/debian/hdf5?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.10.8+repack1-1

1.10.10+repack-1

1.10.10+repack-2

1.10.10+repack-3

1.10.10+repack-3.1

1.10.10+repack-3.2

1.10.10+repack-3.2+ports

1.10.10+repack-3.3

1.10.10+repack-4

1.10.10+repack-5

1.12.0+repack-1~exp1

1.12.0+repack-1~exp2

1.12.2+repack-1~exp1

1.14.3+repack-1~exp1

1.14.3+repack1-1~exp2

1.14.3+repack1-1~exp3

1.14.4.3+repack-1~exp1

1.14.4.3+repack-1~exp2

1.14.4.3+repack-1~exp3

1.14.5+repack-1~exp1

1.14.5+repack-1~exp2

1.14.5+repack-1~exp3

1.14.5+repack-1~exp4

1.14.5+repack-1~exp5

1.14.5+repack-1~exp6

1.14.5+repack-1

1.14.5+repack-2

1.14.5+repack-3~exp1

1.14.5+repack-3~exp2

1.14.5+repack-3~exp3

1.14.5+repack-3~exp4

1.14.5+repack-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/hdfgroup/hdf5

Affected ranges

Type: GIT
Repo: https://github.com/hdfgroup/hdf5
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

7bf340440909d468dbb3cf41f0ea0d87f5050cea

Affected versions

Other

before_removing_docs

before_removing_fphdf5

before_removing_mpiposix_vfd

before_removing_tbbt_code

before_signed_unsigned_changes

hdf5-1_0_0

hdf5-1_0_0-alpha2

hdf5-1_0_1

hdf5-1_13_0-rc1

hdf5-1_13_0-rc2

hdf5-1_13_0-rc3

hdf5-1_13_0-rc4

hdf5-1_13_0-rc5

hdf5-1_13_0-rc6

hdf5-1_2_0

hdf5-1_2_0-beta1-update2

hdf5-1_2_0beta

hdf5-1_2_1

hdf5-1_3_0

hdf5-1_3_1

hdf5-1_4_0

hdf5-1_4_1

hdf5-1_6_0

hdf5-1_6_1

hdf5-1_6_2

hdf5-1_8_0-alpha2

hdf5-1_8_0-alpha3

hdf5-1_8_0-alpha4

hdf5-1_8_0-beta1

hdf5-1_8_0-beta2

hdf5-1_8_0-beta3

hdf5-1_8_0-beta4

hdf5-1_8_0-beta5

hdf5-1_9-start

proto1

r1_1beta1

vms_last_support_trunk

hdf5-1.*

hdf5-1.14.5

hdf5-1.14.6

hdf5_1.*

hdf5_1.14.5

hdf5_1.14.6

snapshot-1.*

snapshot-1.14