Bug 1397701 (CVE-2016-4330)
Summary: | CVE-2016-4330 hdf5: H5T_ARRAY heap buffer overflow | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Andrej Nemec <anemec> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED WONTFIX | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | abhgupta, apevec, ayoung, ccoleman, c.david86, chrisw, cvsbot-xmlrpc, dedgar, dmcphers, gmollett, hbrock, jgoulding, jialiu, jjoyce, joelsmith, jokerman, jschluet, jslagle, kbasil, lhh, lmeyer, lpeer, markmc, mburns, mmccomas, orion, pertusus, rbryant, rhos-maint, sclewis, tdecacqu, tiwillia |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
Multiple heap overflows were found in HDF5. These issues could be used to gain code execution in any program that exposes the affected functions to untrusted input. While HDF5 is shipped as a dependency, no Red Hat products are known to expose these issues in any supported use case at this time.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2020-05-20 21:15:55 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1397715, 1397716, 1413825, 1470478 | ||
Bug Blocks: | 1397712 |
Description
Andrej Nemec
2016-11-23 08:41:28 UTC
Created hdf5 tracking bugs for this issue: Affects: fedora-all [bug 1397715] Affects: epel-all [bug 1397716] Created hdf5 tracking bugs for this issue: Affects: openshift-1 [bug 1470478] This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2016-4330 |