A flaw was found in in the HDF HDF5 1.10.2 library. A NULL pointer dereference was discovered in H5O__chunk_deserialize in H5Ocache.c. It could allow a remote denial of service attack. References: https://github.com/Twi1ight/fuzzing-pocs/tree/master/hdf5
Created hdf5 tracking bugs for this issue: Affects: epel-all [bug 1579947] Affects: fedora-all [bug 1579949]
Created attachment 1439602 [details] a plausible fix