HDF5 Library through 1.14.3 contains a out-of-bounds read operation in H5FL_arr_malloc in H5FL.c (called from H5S_set_extent_simple in H5S.c).

...

PT-2024-6195 · Unknown +2 · Hdf5 Library +2

Name of the Vulnerable Software and Affected Versions: HDF5 Library versions 1.14.3 and earlier Description: The issue is related to an out-of-bounds read operation in the H5FL arr malloc function in the H5FL.c file of the HDF5 Library, which is called from H5S set extent simple in H5S.c. This ca...