A heap-based buffer overflow vulnerability exists via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service. Reference: https://github.com/HDFGroup/hdf5/issues/1314
Created hdf5 tracking bugs for this issue: Affects: epel-all [bug 2049123] Affects: fedora-all [bug 2049122] Affects: openstack-rdo [bug 2049124]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-45830