1105591 – (CVE-2018-15671) VUL-1: CVE-2018-15671: hdf5: An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stackconsumption has been detected in the function H5P__get_cb() in H5Pint.c duringan attempted parse of a crafted HDF file. This results in de

Bug 1105591 (CVE-2018-15671) - VUL-1: CVE-2018-15671: hdf5: An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stackconsumption has been detected in the function H5P__get_cb() in H5Pint.c duringan attempted parse of a crafted HDF file. This results in de

Summary: VUL-1: CVE-2018-15671: hdf5: An issue was discovered in the HDF HDF5 1.10.2 l...

Status:	RESOLVED WONTFIX

Alias:	CVE-2018-15671

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Normal
Target Milestone:	---
Assignee:	HPC Issue Tracker
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/213154/
Whiteboard:	CVSSv3:SUSE:CVE-2018-15671:5.5:(AV:L...
Keywords:

Depends on:
Blocks:	1101742
	Show dependency tree / graph

Clone This Bug

Reported:	2018-08-22 05:52 UTC by Marcus Meissner
Modified:	2022-09-07 11:18 UTC (History)
CC List:	4 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
stackoverflow_H5P__get_cb (18.09 KB, application/octet-stream) 2018-08-22 05:58 UTC, Marcus Meissner	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marcus Meissner 2018-08-22 05:52:39 UTC

CVE-2018-15671

An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack
consumption has been detected in the function H5P__get_cb() in H5Pint.c during
an attempted parse of a crafted HDF file. This results in denial of service.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-15671
http://www.cvedetails.com/cve/CVE-2018-15671/
https://github.com/SegfaultMasters/covering360/tree/master/HDF5#stack-overflow---stackoverflow_h5p__get_cb

Comment 1 Marcus Meissner 2018-08-22 05:58:53 UTC

Created attachment 780370 [details]
stackoverflow_H5P__get_cb

QA REPRODUCER:

h5dump stackoverflow_H5P__get_cb

will only terminate after running long

(endless recursion exhausting stack)

Comment 3 Egbert Eich 2022-05-05 10:41:57 UTC

No upstream fix is available, yet.

Comment 4 Egbert Eich 2022-09-05 12:37:47 UTC

This is not really a vulnerability.
- This problem happens only with a hand-crafted file.
- The stack will grow in size until the program is terminated, however no illegal or   
  'out-of-bound' accesses can be detected.
- Problem can be mitigated by setting an appropriate ulimit when processing hdf5 
  files from uncertain origin.

Comment 5 Gabriele Sonnu 2022-09-07 11:18:35 UTC

SUSE will not provide a fix for this issue since the risk to our customers posed by this is negligible.