SUSE SLES12 Security Update : hdf5, suse-hpc (SUSE-SU-2022:1933-1)

critical Nessus Plugin ID 172438

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1933-1 advisory.

- In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
(CVE-2017-17505)

- In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5Opline_pline_decode in H5Opline.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
(CVE-2017-17506)

- In HDF5 1.10.1, there is a divide-by-zero vulnerability in the function H5T_set_loc in the H5T.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file. (CVE-2017-17508)

- In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5G__ent_decode_vec in H5Gcache.c in libhdf5.a. For example, h5dump would crash or possibly have unspecified other impact someone opens a crafted hdf5 file. (CVE-2017-17509)

- A NULL pointer dereference was discovered in H5S_hyper_make_spans in H5Shyper.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack. (CVE-2018-11202)

- A division by zero was discovered in H5D__btree_decode_key in H5Dbtree.c in the HDF HDF5 1.10.2 library.
It could allow a remote denial of service attack. (CVE-2018-11203)

- A NULL pointer dereference was discovered in H5O__chunk_deserialize in H5Ocache.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack. (CVE-2018-11204)

- An out of bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.
(CVE-2018-11206)

- A division by zero was discovered in H5D__chunk_init in H5Dchunk.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack. (CVE-2018-11207)

- An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5O_link_decode in H5Olink.c. (CVE-2018-13869)

- An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_link_decode in H5Olink.c. (CVE-2018-13870)

- An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy. (CVE-2018-14033)

- An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c. (CVE-2018-14460)

- A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack. (CVE-2018-17233)

- Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
(CVE-2018-17234)

- A SIGFPE signal is raised in the function H5D__chunk_set_info_real() of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. This issue is different from CVE-2018-11207. (CVE-2018-17237)

- A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. (CVE-2018-17432)

- A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file. (CVE-2018-17433)

- A SIGFPE signal is raised in the function apply_filters() of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack. (CVE-2018-17434)

- A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting an HDF file to GIF file. (CVE-2018-17435)

- ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file. (CVE-2018-17436)

- Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
(CVE-2018-17437)

- A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack. (CVE-2018-17438)

- An issue was discovered in HDF5 through 1.12.0. A heap-based buffer overflow exists in the function Decompress() located in decompress.c. It can be triggered by sending a crafted file to the gif2h5 binary.
It allows an attacker to cause Denial of Service. (CVE-2020-10809)

- An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5AC_unpin_entry() located in H5AC.c. It allows an attacker to cause Denial of Service. (CVE-2020-10810)

- An issue was discovered in HDF5 through 1.12.0. A heap-based buffer over-read exists in the function H5O__layout_decode() located in H5Olayout.c. It allows an attacker to cause Denial of Service.
(CVE-2020-10811)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1058563

https://bugzilla.suse.com/1072087

https://bugzilla.suse.com/1072090

https://bugzilla.suse.com/1072108

https://bugzilla.suse.com/1072111

https://bugzilla.suse.com/1080022

https://bugzilla.suse.com/1080259

https://bugzilla.suse.com/1080426

https://bugzilla.suse.com/1080442

https://bugzilla.suse.com/1082209

https://bugzilla.suse.com/1084951

https://bugzilla.suse.com/1088547

https://bugzilla.suse.com/1091237

https://bugzilla.suse.com/1093641

https://bugzilla.suse.com/1093649

https://bugzilla.suse.com/1093653

https://bugzilla.suse.com/1093655

https://bugzilla.suse.com/1093657

https://bugzilla.suse.com/1101471

https://bugzilla.suse.com/1101474

https://bugzilla.suse.com/1101493

https://bugzilla.suse.com/1101495

https://bugzilla.suse.com/1102175

https://bugzilla.suse.com/1109166

https://bugzilla.suse.com/1109167

https://bugzilla.suse.com/1109168

https://bugzilla.suse.com/1109564

https://bugzilla.suse.com/1109565

https://bugzilla.suse.com/1109566

https://bugzilla.suse.com/1109567

https://bugzilla.suse.com/1109568

https://bugzilla.suse.com/1109569

https://bugzilla.suse.com/1109570

https://bugzilla.suse.com/1116458

https://bugzilla.suse.com/1124509

https://bugzilla.suse.com/1133222

https://bugzilla.suse.com/1134298

https://bugzilla.suse.com/1167401

https://bugzilla.suse.com/1167404

https://bugzilla.suse.com/1167405

https://bugzilla.suse.com/1169793

https://bugzilla.suse.com/1174439

https://bugzilla.suse.com/1179521

https://bugzilla.suse.com/1196682

https://www.suse.com/security/cve/CVE-2017-17505

https://www.suse.com/security/cve/CVE-2017-17506

https://www.suse.com/security/cve/CVE-2017-17508

https://www.suse.com/security/cve/CVE-2017-17509

https://www.suse.com/security/cve/CVE-2018-11202

https://www.suse.com/security/cve/CVE-2018-11203

https://www.suse.com/security/cve/CVE-2018-11204

https://www.suse.com/security/cve/CVE-2018-11206

https://www.suse.com/security/cve/CVE-2018-11207

https://www.suse.com/security/cve/CVE-2018-13869

https://www.suse.com/security/cve/CVE-2018-13870

https://www.suse.com/security/cve/CVE-2018-14032

https://www.suse.com/security/cve/CVE-2018-14033

https://www.suse.com/security/cve/CVE-2018-14460

https://www.suse.com/security/cve/CVE-2018-17233

https://www.suse.com/security/cve/CVE-2018-17234

https://www.suse.com/security/cve/CVE-2018-17237

https://www.suse.com/security/cve/CVE-2018-17432

https://www.suse.com/security/cve/CVE-2018-17433

https://www.suse.com/security/cve/CVE-2018-17434

https://www.suse.com/security/cve/CVE-2018-17435

https://www.suse.com/security/cve/CVE-2018-17436

https://www.suse.com/security/cve/CVE-2018-17437

https://www.suse.com/security/cve/CVE-2018-17438

https://www.suse.com/security/cve/CVE-2020-10809

https://www.suse.com/security/cve/CVE-2020-10810

https://www.suse.com/security/cve/CVE-2020-10811

http://www.nessus.org/u?38e82176

Plugin Details

Severity: Critical

ID: 172438

File Name: suse_SU-2022-1933-1.nasl

Version: 1.2

Type: local

Agent: unix

Published: 3/10/2023

Updated: 7/14/2023

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2018-13870

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mvapich2-hpc-devel-static, p-cpe:/a:novell:suse_linux:libhdf5_hl_fortran-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-openmpi1-hpc-devel, p-cpe:/a:novell:suse_linux:libhdf5_hl_fortran-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_1_10_8-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:hdf5-gnu-openmpi1-hpc-devel, p-cpe:/a:novell:suse_linux:libhdf5_hl_1_10_8-gnu-openmpi1-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran-gnu-openmpi1-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_1_10_8-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_fortran-gnu-openmpi1-hpc, p-cpe:/a:novell:suse_linux:libhdf5hl_fortran_1_10_8-gnu-openmpi1-hpc, p-cpe:/a:novell:suse_linux:libhdf5_1_10_8-gnu-openmpi1-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_cpp-gnu-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-hpc-devel, p-cpe:/a:novell:suse_linux:libhdf5_hl-gnu-hpc, p-cpe:/a:novell:suse_linux:hdf5-gnu-hpc-devel, p-cpe:/a:novell:suse_linux:libhdf5hl_fortran_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-openmpi1-hpc-module, p-cpe:/a:novell:suse_linux:libhdf5_fortran_1_10_8-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-hpc-module, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mvapich2-hpc-devel, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mvapich2-hpc-module, p-cpe:/a:novell:suse_linux:libhdf5-gnu-openmpi1-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5-gnu-hpc, p-cpe:/a:novell:suse_linux:suse-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran_1_10_8-gnu-openmpi1-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_cpp_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-hpc-devel-static, p-cpe:/a:novell:suse_linux:libhdf5_fortran-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-openmpi1-hpc-devel-static, p-cpe:/a:novell:suse_linux:libhdf5_hl-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-openmpi1-hpc, cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:libhdf5-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_cpp-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl-gnu-openmpi1-hpc, p-cpe:/a:novell:suse_linux:libhdf5_cpp_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:hdf5-gnu-mvapich2-hpc-devel

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/3/2022

Vulnerability Publication Date: 12/11/2017

Reference Information

CVE: CVE-2017-17505, CVE-2017-17506, CVE-2017-17508, CVE-2017-17509, CVE-2018-11202, CVE-2018-11203, CVE-2018-11204, CVE-2018-11206, CVE-2018-11207, CVE-2018-13869, CVE-2018-13870, CVE-2018-14032, CVE-2018-14033, CVE-2018-14460, CVE-2018-17233, CVE-2018-17234, CVE-2018-17237, CVE-2018-17432, CVE-2018-17433, CVE-2018-17434, CVE-2018-17435, CVE-2018-17436, CVE-2018-17437, CVE-2018-17438, CVE-2020-10809, CVE-2020-10810, CVE-2020-10811

SuSE: SUSE-SU-2022:1933-1