SUSE SLES12 Security Update : hdf5, suse-hpc (SUSE-SU-2022:1933-1)

critical Nessus Plugin ID 172438

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1933-1 advisory.

Security issues fixed:

- CVE-2020-10811: Fixed heap-based buffer over-read in the function H5O__layout_decode() located in H5Olayout.c (bsc#1167405).
- CVE-2020-10810: Fixed NULL pointer dereference in the function H5AC_unpin_entry() located in H5AC.c (bsc#1167401).
- CVE-2020-10809: Fixed heap-based buffer overflow in the function Decompress() located in decompress.c (bsc#1167404).
- CVE-2018-17438: Fixed SIGFPE signal raise in the function H5D__select_io() of H5Dselect.c (bsc#1109570).
- CVE-2018-17437: Fixed memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c (bsc#1109569).
- CVE-2018-17436: Fixed issue in ReadCode() in decompress.c that allowed attackers to cause a denial of service via a crafted HDF5 file (bsc#1109568).
- CVE-2018-17435: Fixed heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c (bsc#1109567).
- CVE-2018-17434: Fixed SIGFPE signal raise in function apply_filters() of h5repack_filters.c (bsc#1109566).
- CVE-2018-17433: Fixed heap-based buffer overflow in ReadGifImageDesc() in gifread.c (bsc#1109565).
- CVE-2018-17432: Fixed NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c (bsc#1109564).
- CVE-2018-17237: Fixed SIGFPE signal raise in the function H5D__chunk_set_info_real() (bsc#1109168).
- CVE-2018-17234: Fixed memory leak in the H5O__chunk_deserialize() function in H5Ocache.c (bsc#1109167).
- CVE-2018-17233: Fixed SIGFPE signal raise in the function H5D__create_chunk_file_map_hyper (bsc#1109166).
- CVE-2018-14460: Fixed heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c (bsc#1102175).
- CVE-2018-14033: Fixed heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c (bsc#1101471).
- CVE-2018-14032: Fixed heap-based buffer over-read in the function H5O_fill_new_decode in H5Ofill.c (bsc#1101474).
- CVE-2018-13870: Fixed heap-based buffer over-read in the function H5O_link_decode in H5Olink.c (bsc#1101493).
- CVE-2018-13869: Fixed memcpy parameter overlap in the function H5O_link_decode in H5Olink.c (bsc#1101495).
- CVE-2018-11207: Fixed division by zero in H5D__chunk_init in H5Dchunk.c (bsc#1093653).
- CVE-2018-11206: Fixed out of bounds read in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c (bsc#1093657).
- CVE-2018-11204: Fixed NULL pointer dereference in H5O__chunk_deserialize in H5Ocache.c (bsc#1093655).
- CVE-2018-11203: Fixed division by zero in H5D__btree_decode_key in H5Dbtree.c (bsc#1093649).
- CVE-2018-11202: Fixed NULL pointer dereference in H5S_hyper_make_spans in H5Shyper.c (bsc#1093641).
- CVE-2017-17509: Fixed out of bounds write vulnerability in function H5G__ent_decode_vec (bsc#1072111).
- CVE-2017-17508: Fixed divide-by-zero vulnerability in function H5T_set_loc (bsc#1072108).
- CVE-2017-17506: Fixed out of bounds read in the function H5Opline_pline_decode (bsc#1072090).
- CVE-2017-17505: Fixed NULL pointer dereference in the function H5O_pline_decode (bsc#1072087).

Bugfixes:

- Expand modules handling (bsc#1116458).
- Fix default moduleversion link generation and deletion (bsc#1124509).
- Set higher constraints for successful mpich tests (bsc#1133222).
- Only build one examples package for all flavors, do not include dependencies as these would be flavor specific (bsc#1088547).
- Prepend PKG_CONFIG_PATH in modules file (bsc#1080426).
- Validate Python 3 code (bsc#1082209).
- Fix library link flags on pkg-config file for HPC builds (bsc#1134298).
- Fix .so number in baselibs.conf for libhdf5_fortran libs (bsc#1169793).
- Fix python-h5py packages built against out-of-date version of HDF5 (bsc#1196682).
- Fix netcdf-cxx4 packages built against out-of-date version of HDF5 (bsc#1179521).
- Make module files package arch dependent: it contains arch-dependent paths (bsc#1080442).
- Disable %check stage for mpich builds on s390(x) (bsc#1080022).
- Add build support for gcc10 to HPC build (bsc#1174439).
- Fix summary in module files (bsc#1080259).
- Append a newline to the shebang line prepended by the %hpc_shebang_prepend_list macro (bsc#1084951).
- Temporarily disable make check for PowerPC (bsc#1058563).
- Fix HPC library master packages dependency: make it require the correct flavor (bsc#1091237).
- Add HPC support for gcc8 and gcc9 (jsc#SLE-7766 & jsc#SLE-8604).
- Enable openmpi3 builds for Leap and SLE > 15.1 (jsc#SLE-7773).
- HDF5 version Update to 1.10.5 (jsc#SLE-8501).
- Add support for openmpi2 for HPC (FATE#325089).
- Initial version (FATE#320596).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1058563

https://bugzilla.suse.com/1072087

https://bugzilla.suse.com/1072090

https://bugzilla.suse.com/1072108

https://bugzilla.suse.com/1072111

https://bugzilla.suse.com/1080022

https://bugzilla.suse.com/1080259

https://bugzilla.suse.com/1080426

https://bugzilla.suse.com/1080442

https://bugzilla.suse.com/1082209

https://bugzilla.suse.com/1084951

https://bugzilla.suse.com/1088547

https://bugzilla.suse.com/1091237

https://bugzilla.suse.com/1093641

https://bugzilla.suse.com/1093649

https://bugzilla.suse.com/1093653

https://bugzilla.suse.com/1093655

https://bugzilla.suse.com/1093657

https://bugzilla.suse.com/1101471

https://bugzilla.suse.com/1101474

https://bugzilla.suse.com/1101493

https://bugzilla.suse.com/1101495

https://bugzilla.suse.com/1102175

https://bugzilla.suse.com/1109166

https://bugzilla.suse.com/1109167

https://bugzilla.suse.com/1109168

https://bugzilla.suse.com/1109564

https://bugzilla.suse.com/1109565

https://bugzilla.suse.com/1109566

https://bugzilla.suse.com/1109567

https://bugzilla.suse.com/1109568

https://bugzilla.suse.com/1109569

https://bugzilla.suse.com/1109570

https://bugzilla.suse.com/1116458

https://bugzilla.suse.com/1124509

https://bugzilla.suse.com/1133222

https://bugzilla.suse.com/1134298

https://bugzilla.suse.com/1167401

https://bugzilla.suse.com/1167404

https://bugzilla.suse.com/1167405

https://bugzilla.suse.com/1169793

https://bugzilla.suse.com/1174439

https://bugzilla.suse.com/1179521

https://bugzilla.suse.com/1196682

http://www.nessus.org/u?38e82176

https://www.suse.com/security/cve/CVE-2017-17505

https://www.suse.com/security/cve/CVE-2017-17506

https://www.suse.com/security/cve/CVE-2017-17508

https://www.suse.com/security/cve/CVE-2017-17509

https://www.suse.com/security/cve/CVE-2018-11202

https://www.suse.com/security/cve/CVE-2018-11203

https://www.suse.com/security/cve/CVE-2018-11204

https://www.suse.com/security/cve/CVE-2018-11206

https://www.suse.com/security/cve/CVE-2018-11207

https://www.suse.com/security/cve/CVE-2018-13869

https://www.suse.com/security/cve/CVE-2018-13870

https://www.suse.com/security/cve/CVE-2018-14033

https://www.suse.com/security/cve/CVE-2018-14460

https://www.suse.com/security/cve/CVE-2018-17233

https://www.suse.com/security/cve/CVE-2018-17234

https://www.suse.com/security/cve/CVE-2018-17237

https://www.suse.com/security/cve/CVE-2018-17432

https://www.suse.com/security/cve/CVE-2018-17433

https://www.suse.com/security/cve/CVE-2018-17434

https://www.suse.com/security/cve/CVE-2018-17435

https://www.suse.com/security/cve/CVE-2018-17436

https://www.suse.com/security/cve/CVE-2018-17437

https://www.suse.com/security/cve/CVE-2018-17438

https://www.suse.com/security/cve/CVE-2020-10809

https://www.suse.com/security/cve/CVE-2020-10810

https://www.suse.com/security/cve/CVE-2020-10811

Plugin Details

Severity: Critical

ID: 172438

File Name: suse_SU-2022-1933-1.nasl

Version: 1.3

Type: local

Agent: unix

Published: 3/10/2023

Updated: 9/24/2025

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2018-13870

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:libhdf5_hl_fortran-gnu-openmpi1-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-openmpi1-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-openmpi1-hpc-devel, p-cpe:/a:novell:suse_linux:hdf5-gnu-openmpi1-hpc-devel, p-cpe:/a:novell:suse_linux:libhdf5hl_fortran_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mvapich2-hpc-devel-static, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mvapich2-hpc-devel, p-cpe:/a:novell:suse_linux:libhdf5hl_fortran_1_10_8-gnu-openmpi1-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran_1_10_8-gnu-openmpi1-hpc, p-cpe:/a:novell:suse_linux:libhdf5_1_10_8-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_1_10_8-gnu-openmpi1-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl-gnu-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-openmpi1-hpc-module, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-hpc-module, p-cpe:/a:novell:suse_linux:libhdf5_hl-gnu-openmpi1-hpc, p-cpe:/a:novell:suse_linux:libhdf5-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_cpp-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_fortran-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_fortran-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_cpp-gnu-hpc, p-cpe:/a:novell:suse_linux:hdf5-gnu-hpc-devel, p-cpe:/a:novell:suse_linux:libhdf5-gnu-openmpi1-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-hpc-devel, p-cpe:/a:novell:suse_linux:suse-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran_1_10_8-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-hpc-devel-static, p-cpe:/a:novell:suse_linux:libhdf5_hl_1_10_8-gnu-openmpi1-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_1_10_8-gnu-mvapich2-hpc, 
p-cpe:/a:novell:suse_linux:libhdf5-gnu-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-openmpi1-hpc-devel-static, p-cpe:/a:novell:suse_linux:libhdf5_fortran-gnu-mvapich2-hpc, p-cpe:/a:novell:suse_linux:libhdf5_hl_cpp_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:libhdf5_cpp_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:hdf5-gnu-mvapich2-hpc-devel, cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:libhdf5_fortran-gnu-openmpi1-hpc, p-cpe:/a:novell:suse_linux:libhdf5_fortran_1_10_8-gnu-hpc, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mvapich2-hpc-module, p-cpe:/a:novell:suse_linux:hdf5_1_10_8-gnu-mvapich2-hpc

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/3/2022

Vulnerability Publication Date: 12/11/2017

Reference Information

CVE: CVE-2017-17505, CVE-2017-17506, CVE-2017-17508, CVE-2017-17509, CVE-2018-11202, CVE-2018-11203, CVE-2018-11204, CVE-2018-11206, CVE-2018-11207, CVE-2018-13869, CVE-2018-13870, CVE-2018-14033, CVE-2018-14460, CVE-2018-17233, CVE-2018-17234, CVE-2018-17237, CVE-2018-17432, CVE-2018-17433, CVE-2018-17434, CVE-2018-17435, CVE-2018-17436, CVE-2018-17437, CVE-2018-17438, CVE-2020-10809, CVE-2020-10810, CVE-2020-10811

SuSE: SUSE-SU-2022:1933-1