SUSE SLES15 Security Update : hdf5 (SUSE-SU-2022:1910-1)

critical Nessus Plugin ID 161785

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1910-1 advisory.

- In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
(CVE-2017-17505)

- In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5Opline_pline_decode in H5Opline.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
(CVE-2017-17506)

- In HDF5 1.10.1, there is a divide-by-zero vulnerability in the function H5T_set_loc in the H5T.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file. (CVE-2017-17508)

- In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5G__ent_decode_vec in H5Gcache.c in libhdf5.a. For example, h5dump would crash or possibly have unspecified other impact someone opens a crafted hdf5 file. (CVE-2017-17509)

- A NULL pointer dereference was discovered in H5S_hyper_make_spans in H5Shyper.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack. (CVE-2018-11202)

- A division by zero was discovered in H5D__btree_decode_key in H5Dbtree.c in the HDF HDF5 1.10.2 library.
It could allow a remote denial of service attack. (CVE-2018-11203)

- A NULL pointer dereference was discovered in H5O__chunk_deserialize in H5Ocache.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack. (CVE-2018-11204)

- An out of bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.
(CVE-2018-11206)

- A division by zero was discovered in H5D__chunk_init in H5Dchunk.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack. (CVE-2018-11207)

- An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5O_link_decode in H5Olink.c. (CVE-2018-13869)

- An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_link_decode in H5Olink.c. (CVE-2018-13870)

- An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy. (CVE-2018-14033)

- An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c. (CVE-2018-14460)

- A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack. (CVE-2018-17233)

- Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
(CVE-2018-17234)

- A SIGFPE signal is raised in the function H5D__chunk_set_info_real() of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. This issue is different from CVE-2018-11207. (CVE-2018-17237)

- A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. (CVE-2018-17432)

- A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file. (CVE-2018-17433)

- A SIGFPE signal is raised in the function apply_filters() of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack. (CVE-2018-17434)

- A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting an HDF file to GIF file. (CVE-2018-17435)

- ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file. (CVE-2018-17436)

- Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
(CVE-2018-17437)

- A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack. (CVE-2018-17438)

- An issue was discovered in HDF5 through 1.12.0. A heap-based buffer overflow exists in the function Decompress() located in decompress.c. It can be triggered by sending a crafted file to the gif2h5 binary.
It allows an attacker to cause Denial of Service. (CVE-2020-10809)

- An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5AC_unpin_entry() located in H5AC.c. It allows an attacker to cause Denial of Service. (CVE-2020-10810)

- An issue was discovered in HDF5 through 1.12.0. A heap-based buffer over-read exists in the function H5O__layout_decode() located in H5Olayout.c. It allows an attacker to cause Denial of Service.
(CVE-2020-10811)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1072087

https://bugzilla.suse.com/1072090

https://bugzilla.suse.com/1072108

https://bugzilla.suse.com/1072111

https://bugzilla.suse.com/1093641

https://bugzilla.suse.com/1093649

https://bugzilla.suse.com/1093653

https://bugzilla.suse.com/1093655

https://bugzilla.suse.com/1093657

https://bugzilla.suse.com/1101471

https://bugzilla.suse.com/1101474

https://bugzilla.suse.com/1101493

https://bugzilla.suse.com/1101495

https://bugzilla.suse.com/1102175

https://bugzilla.suse.com/1109166

https://bugzilla.suse.com/1109167

https://bugzilla.suse.com/1109168

https://bugzilla.suse.com/1109564

https://bugzilla.suse.com/1109565

https://bugzilla.suse.com/1109566

https://bugzilla.suse.com/1109567

https://bugzilla.suse.com/1109568

https://bugzilla.suse.com/1109569

https://bugzilla.suse.com/1109570

https://bugzilla.suse.com/1167401

https://bugzilla.suse.com/1167404

https://bugzilla.suse.com/1167405

https://bugzilla.suse.com/1174439

https://bugzilla.suse.com/1179521

https://bugzilla.suse.com/1196682

https://www.suse.com/security/cve/CVE-2017-17505

https://www.suse.com/security/cve/CVE-2017-17506

https://www.suse.com/security/cve/CVE-2017-17508

https://www.suse.com/security/cve/CVE-2017-17509

https://www.suse.com/security/cve/CVE-2018-11202

https://www.suse.com/security/cve/CVE-2018-11203

https://www.suse.com/security/cve/CVE-2018-11204

https://www.suse.com/security/cve/CVE-2018-11206

https://www.suse.com/security/cve/CVE-2018-11207

https://www.suse.com/security/cve/CVE-2018-13869

https://www.suse.com/security/cve/CVE-2018-13870

https://www.suse.com/security/cve/CVE-2018-14032

https://www.suse.com/security/cve/CVE-2018-14033

https://www.suse.com/security/cve/CVE-2018-14460

https://www.suse.com/security/cve/CVE-2018-17233

https://www.suse.com/security/cve/CVE-2018-17234

https://www.suse.com/security/cve/CVE-2018-17237

https://www.suse.com/security/cve/CVE-2018-17432

https://www.suse.com/security/cve/CVE-2018-17433

https://www.suse.com/security/cve/CVE-2018-17434

https://www.suse.com/security/cve/CVE-2018-17435

https://www.suse.com/security/cve/CVE-2018-17436

https://www.suse.com/security/cve/CVE-2018-17437

https://www.suse.com/security/cve/CVE-2018-17438

https://www.suse.com/security/cve/CVE-2020-10809

https://www.suse.com/security/cve/CVE-2020-10810

https://www.suse.com/security/cve/CVE-2020-10811

http://www.nessus.org/u?15d8787d

Plugin Details

Severity: Critical

ID: 161785

File Name: suse_SU-2022-1910-1.nasl

Version: 1.5

Type: local

Agent: unix

Published: 6/2/2022

Updated: 7/14/2023

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2018-13870

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:libhdf5_hl-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5hl_fortran_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl-gnu-openmpi3-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran_1_10_8-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-hpc-module, p-cpe:/a:novell:suse_linux:hdf5-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:hdf5-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-openmpi2-hpc-devel-static, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:libhdf5_fortran_1_10_8-gnu-openmpi3-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-openmpi3-hpc, p-cpe:/a:novell:suse_linux:hdf5-gnu-mvapich2-hpc-devel, p-cpe:/a:novell:suse_linux:libhdf5_hl_cpp-gnu-openmpi3-hpc, p-cpe:/a:novell:suse_linux:libhdf5_cpp-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:libhdf5-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:libhdf5-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_cpp-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:hdf5-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran_1_10_8-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:libhdf5-gnu-openmpi3-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_fortran-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_1_10_8-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-openmpi3-hpc-devel-static, p-cpe:/a:novell:suse_linux:libhdf5_fortran_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_fortran-gnu-openmpi3-hpc, p-cpe:/a:novell:suse_linux:libhdf5_cpp_1_10_8-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:hdf5-gnu-hpc-devel, p-cpe:/a:novell:suse_linux:libhdf5_cpp_1_10_8-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mvapich2-hpc-module, p-cpe:/a:novell:suse_linux:libhdf5_hl_fortran-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_1_10_8-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_cpp-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_cpp_1_10_8-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_1_10_8-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_1_10_8-gnu-openmpi3-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mvapich2-hpc-devel-static, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_cpp-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_1_10_8-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:hdf5-gnu-openmpi2-hpc-devel, p-cpe:/a:novell:suse_linux:libhdf5_hl_1_10_8-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-hpc-devel, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-openmpi2-hpc-devel, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-openmpi3-hpc-devel, p-cpe:/a:novell:suse_linux:libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mvapich2-hpc-devel, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-hpc-examples, p-cpe:/a:novell:suse_linux:libhdf5_hl_cpp_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-hpc-devel-static, p-cpe:/a:novell:suse_linux:libhdf5_hl-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mpich-hpc-devel, p-cpe:/a:novell:suse_linux:libhdf5_fortran-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_cpp-gnu-openmpi3-hpc, p-cpe:/a:novell:suse_linux:libhdf5_cpp_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:hdf5-hpc-examples, p-cpe:/a:novell:suse_linux:libhdf5_cpp_1_10_8-gnu-openmpi3-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_1_10_8-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_cpp-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran-gnu-openmpi3-hpc, p-cpe:/a:novell:suse_linux:libhdf5-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_cpp-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc, p-cpe:/a:novell:suse_linux:hdf5-gnu-openmpi3-hpc, p-cpe:/a:novell:suse_linux:hdf5-gnu-openmpi3-hpc-devel, p-cpe:/a:novell:suse_linux:libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:hdf5-gnu-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:hdf5-gnu-mpich-hpc-devel, p-cpe:/a:novell:suse_linux:libhdf5hl_fortran_1_10_8-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:libhdf5_1_10_8-gnu-openmpi3-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_cpp-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_cpp-gnu-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mpich-hpc-devel-static, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-openmpi3-hpc-module, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-openmpi2-hpc-module, p-cpe:/a:novell:suse_linux:libhdf5_fortran-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_fortran-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran_1_10_8-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_fortran-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mpich-hpc-module, p-cpe:/a:novell:suse_linux:libhdf5_fortran-gnu-mvapich2-hpc

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/1/2022

Vulnerability Publication Date: 12/11/2017

Reference Information

CVE: CVE-2017-17505, CVE-2017-17506, CVE-2017-17508, CVE-2017-17509, CVE-2018-11202, CVE-2018-11203, CVE-2018-11204, CVE-2018-11206, CVE-2018-11207, CVE-2018-13869, CVE-2018-13870, CVE-2018-14032, CVE-2018-14033, CVE-2018-14460, CVE-2018-17233, CVE-2018-17234, CVE-2018-17237, CVE-2018-17432, CVE-2018-17433, CVE-2018-17434, CVE-2018-17435, CVE-2018-17436, CVE-2018-17437, CVE-2018-17438, CVE-2020-10809, CVE-2020-10810, CVE-2020-10811

SuSE: SUSE-SU-2022:1910-1