CVE-2025-2925

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-2925

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-2925.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-2925

Related

UBUNTU-CVE-2025-2925

Published

2025-03-28T20:15:26Z

Modified

2025-04-18T03:14:48.273875Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

A vulnerability has been found in HDF5 up to 1.14.6 and classified as problematic. This vulnerability affects the function H5MM_realloc of the file src/H5MM.c. The manipulation of the argument mem leads to double free. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.

References

Affected packages

Debian:11 / hdf5

Package

Name: hdf5
Purl: pkg:deb/debian/hdf5?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.10.6+repack-4

1.10.6+repack-4+deb11u1

1.10.6+repack-5

1.10.7+repack-1

1.10.7+repack-2

1.10.7+repack-3

1.10.7+repack-4

1.10.8+repack-1

1.10.8+repack-2

1.10.8+repack-3

1.10.8+repack-4

1.10.8+repack1-1

1.10.10+repack-1

1.10.10+repack-2

1.10.10+repack-3

1.10.10+repack-3.1

1.10.10+repack-3.2

1.10.10+repack-3.2+ports

1.10.10+repack-3.3

1.10.10+repack-4

1.10.10+repack-5

1.12.0+repack-1~exp1

1.12.0+repack-1~exp2

1.12.2+repack-1~exp1

1.14.3+repack-1~exp1

1.14.3+repack1-1~exp2

1.14.3+repack1-1~exp3

1.14.4.3+repack-1~exp1

1.14.4.3+repack-1~exp2

1.14.4.3+repack-1~exp3

1.14.5+repack-1~exp1

1.14.5+repack-1~exp2

1.14.5+repack-1~exp3

1.14.5+repack-1~exp4

1.14.5+repack-1~exp5

1.14.5+repack-1~exp6

1.14.5+repack-1

1.14.5+repack-2

1.14.5+repack-3~exp1

1.14.5+repack-3~exp2

1.14.5+repack-3~exp3

1.14.5+repack-3~exp4

1.14.5+repack-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / hdf5

Package

Name: hdf5
Purl: pkg:deb/debian/hdf5?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.10.8+repack1-1

1.10.10+repack-1

1.10.10+repack-2

1.10.10+repack-3

1.10.10+repack-3.1

1.10.10+repack-3.2

1.10.10+repack-3.2+ports

1.10.10+repack-3.3

1.10.10+repack-4

1.10.10+repack-5

1.12.0+repack-1~exp1

1.12.0+repack-1~exp2

1.12.2+repack-1~exp1

1.14.3+repack-1~exp1

1.14.3+repack1-1~exp2

1.14.3+repack1-1~exp3

1.14.4.3+repack-1~exp1

1.14.4.3+repack-1~exp2

1.14.4.3+repack-1~exp3

1.14.5+repack-1~exp1

1.14.5+repack-1~exp2

1.14.5+repack-1~exp3

1.14.5+repack-1~exp4

1.14.5+repack-1~exp5

1.14.5+repack-1~exp6

1.14.5+repack-1

1.14.5+repack-2

1.14.5+repack-3~exp1

1.14.5+repack-3~exp2

1.14.5+repack-3~exp3

1.14.5+repack-3~exp4

1.14.5+repack-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / hdf5

Package

Name: hdf5
Purl: pkg:deb/debian/hdf5?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.10.8+repack1-1

1.10.10+repack-1

1.10.10+repack-2

1.10.10+repack-3

1.10.10+repack-3.1

1.10.10+repack-3.2

1.10.10+repack-3.2+ports

1.10.10+repack-3.3

1.10.10+repack-4

1.10.10+repack-5

1.12.0+repack-1~exp1

1.12.0+repack-1~exp2

1.12.2+repack-1~exp1

1.14.3+repack-1~exp1

1.14.3+repack1-1~exp2

1.14.3+repack1-1~exp3

1.14.4.3+repack-1~exp1

1.14.4.3+repack-1~exp2

1.14.4.3+repack-1~exp3

1.14.5+repack-1~exp1

1.14.5+repack-1~exp2

1.14.5+repack-1~exp3

1.14.5+repack-1~exp4

1.14.5+repack-1~exp5

1.14.5+repack-1~exp6

1.14.5+repack-1

1.14.5+repack-2

1.14.5+repack-3~exp1

1.14.5+repack-3~exp2

1.14.5+repack-3~exp3

1.14.5+repack-3~exp4

1.14.5+repack-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/hdfgroup/hdf5

Affected ranges

Type: GIT
Repo: https://github.com/hdfgroup/hdf5
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

7bf340440909d468dbb3cf41f0ea0d87f5050cea

Affected versions

Other

before_removing_docs

before_removing_fphdf5

before_removing_mpiposix_vfd

before_removing_tbbt_code

before_signed_unsigned_changes

hdf5-1_0_0

hdf5-1_0_0-alpha2

hdf5-1_0_1

hdf5-1_13_0-rc1

hdf5-1_13_0-rc2

hdf5-1_13_0-rc3

hdf5-1_13_0-rc4

hdf5-1_13_0-rc5

hdf5-1_13_0-rc6

hdf5-1_2_0

hdf5-1_2_0-beta1-update2

hdf5-1_2_0beta

hdf5-1_2_1

hdf5-1_3_0

hdf5-1_3_1

hdf5-1_4_0

hdf5-1_4_1

hdf5-1_6_0

hdf5-1_6_1

hdf5-1_6_2

hdf5-1_8_0-alpha2

hdf5-1_8_0-alpha3

hdf5-1_8_0-alpha4

hdf5-1_8_0-beta1

hdf5-1_8_0-beta2

hdf5-1_8_0-beta3

hdf5-1_8_0-beta4

hdf5-1_8_0-beta5

hdf5-1_9-start

proto1

r1_1beta1

vms_last_support_trunk

hdf5-1.*

hdf5-1.14.5

hdf5-1.14.6

hdf5_1.*

hdf5_1.14.5

hdf5_1.14.6

snapshot-1.*

snapshot-1.14