Lucene search
SuseSUSE-SU-2022:3829-1HistoryNov 01, 2022 - 12:00 a.m.
Security update for hdf5 (important)
2022-11-0100:00:00
lists.opensuse.org
10
hdf5
security update
vulnerability fixes
suse
opensuse
patch
cve-2021-46244
cve-2018-13867
cve-2018-16438
cve-2020-10812
cve-2021-45830
cve-2019-8396
cve-2018-11205
cve-2021-46242
cve-2021-45833
cve-2018-14031
cve-2018-17439
yast
zypper
installation
suse linux enterprise
packagehub
hpc
0.004 Low
EPSS
Percentile
72.4%
An update that fixes 11 vulnerabilities is now available.
Description:
This update for hdf5 fixes the following issues:
- CVE-2021-46244: Fixed division by zero leading to DoS (bsc#1195215).
- CVE-2018-13867: Fixed out of bounds read in the function
H5F__accum_read in H5Faccum.c (bsc#1101906).
- CVE-2018-16438: Fixed out of bounds read in H5L_extern_query at
H5Lexternal.c (bsc#1107069).
- CVE-2020-10812: Fixed NULL pointer dereference (bsc#1167400).
- CVE-2021-45830: Fixed heap buffer overflow vulnerability in
H5F_addr_decode_len in /hdf5/src/H5Fint.c (bsc#1194375).
- CVE-2019-8396: Fixed buffer overflow in function H5O__layout_encode
in H5Olayout.c (bsc#1125882).
- CVE-2018-11205: Fixed out of bounds read was discovered in
H5VM_memcpyvv in H5VM.c (bsc#1093663).
- CVE-2021-46242: Fixed heap-use-after free via the component
H5AC_unpin_entry (bsc#1195212).
- CVE-2021-45833: Fixed stack buffer overflow vulnerability
(bsc#1194366).
- CVE-2018-14031: Fixed heap-based buffer over-read in the function
H5T_copy in H5T.c (bsc#1101475).
- CVE-2018-17439: Fixed out of bounds read in the function
H5F__accum_read in H5Faccum.c (bsc#1111598).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3829=1
-
openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3829=1
-
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-3829=1
-
SUSE Linux Enterprise Module for HPC 15-SP3:
zypper in -t patch SUSE-SLE-Module-HPC-15-SP3-2022-3829=1
Related
nessus
nessus
SUSE SLES15 Security Update : hdf5 (SUSE-SU-2022:3828-1)
2022-11-02 00:00:00
SUSE SLES15 Security Update : hdf5 (SUSE-SU-2022:3827-1)
2022-11-02 00:00:00
SUSE SLED15 / SLES15 Security Update : hdf5 (SUSE-SU-2022:3829-1)
2022-11-02 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:3829-1)
2022-11-02 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:3825-1)
2022-11-02 00:00:00
suse
suse
Security update for hdf5 (important)
2022-11-01 00:00:00
redhatcve
redhatcve
cvelist
cvelist
nvd
nvd
prion
prion
Heap overflow
2022-01-05 20:15:00
Heap overflow
2018-07-13 02:29:00
Design/Logic Flaw
2018-09-04 00:29:00
cve
cve
osv
osv
ubuntucve
ubuntucve
debiancve
debiancve
veracode
veracode
Denial Of Service (DoS)
2022-10-31 06:34:27
Use After Free
2022-01-24 16:28:40
cnvd
cnvd
HDF5 Heap Buffer Overflow Vulnerability (CNVD-2022-68552)
2022-01-06 00:00:00
HDF5 Stack Buffer Overflow Vulnerability (CNVD-2022-68553)
2022-01-06 00:00:00
HDF5 Denial of Service Vulnerability (CNVD-2022-07232)
2022-01-25 00:00:00