SUSE SLES15 Security Update : hdf5 (SUSE-SU-2022:3828-1)

critical Nessus Plugin ID 166783

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3828-1 advisory.

- A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack. (CVE-2018-11205)

- An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5F__accum_read in H5Faccum.c. (CVE-2018-13867)

- An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c. (CVE-2018-14031)

- An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c. (CVE-2018-16438)

- An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file. (CVE-2018-17439)

- A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while repacking an HDF5 file, aka Invalid write of size 2. (CVE-2019-8396)

- An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5F_get_nrefs() located in H5Fquery.c. It allows an attacker to cause Denial of Service. (CVE-2020-10812)

- A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service. (CVE-2021-45830)

- A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent). (CVE-2021-45833)

- HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5AC_unpin_entry.
(CVE-2021-46242)

- A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__complete_copy () at /hdf5/src/H5T.c. This vulnerability causes an aritmetic exception, leading to a Denial of Service (DoS).
(CVE-2021-46244)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1093663

https://bugzilla.suse.com/1101475

https://bugzilla.suse.com/1101906

https://bugzilla.suse.com/1107069

https://bugzilla.suse.com/1111598

https://bugzilla.suse.com/1125882

https://bugzilla.suse.com/1167400

https://bugzilla.suse.com/1194366

https://bugzilla.suse.com/1194375

https://bugzilla.suse.com/1195212

https://bugzilla.suse.com/1195215

https://www.suse.com/security/cve/CVE-2018-11205

https://www.suse.com/security/cve/CVE-2018-13867

https://www.suse.com/security/cve/CVE-2018-14031

https://www.suse.com/security/cve/CVE-2018-16438

https://www.suse.com/security/cve/CVE-2018-17439

https://www.suse.com/security/cve/CVE-2019-8396

https://www.suse.com/security/cve/CVE-2020-10812

https://www.suse.com/security/cve/CVE-2021-45830

https://www.suse.com/security/cve/CVE-2021-45833

https://www.suse.com/security/cve/CVE-2021-46242

https://www.suse.com/security/cve/CVE-2021-46244

http://www.nessus.org/u?3162454d

Plugin Details

Severity: Critical

ID: 166783

File Name: suse_SU-2022-3828-1.nasl

Version: 1.5

Type: local

Agent: unix

Published: 11/2/2022

Updated: 7/13/2023

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2018-13867

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:hdf5-gnu-hpc-devel, p-cpe:/a:novell:suse_linux:hdf5-gnu-mpich-hpc-devel, p-cpe:/a:novell:suse_linux:hdf5-gnu-mvapich2-hpc-devel, p-cpe:/a:novell:suse_linux:hdf5-gnu-openmpi2-hpc-devel, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-hpc-devel, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-hpc-devel-static, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-hpc-module, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mpich-hpc-devel, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mpich-hpc-devel-static, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mpich-hpc-module, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mvapich2-hpc-devel, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mvapich2-hpc-devel-static, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mvapich2-hpc-module, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-openmpi2-hpc-devel, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-openmpi2-hpc-devel-static, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-openmpi2-hpc-module, p-cpe:/a:novell:suse_linux:libhdf5-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:libhdf5-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_1_10_8-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:libhdf5_1_10_8-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_1_10_8-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_cpp-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_cpp_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran_1_10_8-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran_1_10_8-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran_1_10_8-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_1_10_8-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_1_10_8-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_1_10_8-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_cpp-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_cpp_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_fortran-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_fortran-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_fortran-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_fortran-gnu-openmpi2-hpc, p-cpe:/a:novell:suse_linux:libhdf5hl_fortran_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5hl_fortran_1_10_8-gnu-mpich-hpc, p-cpe:/a:novell:suse_linux:libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/1/2022

Vulnerability Publication Date: 5/16/2018

Reference Information

CVE: CVE-2018-11205, CVE-2018-13867, CVE-2018-14031, CVE-2018-16438, CVE-2018-17439, CVE-2019-8396, CVE-2020-10812, CVE-2021-45830, CVE-2021-45833, CVE-2021-46242, CVE-2021-46244

SuSE: SUSE-SU-2022:3828-1