An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c. References: https://github.com/TeamSeri0us/pocs/tree/master/hdf5/h5stat
Created hdf5 tracking bugs for this issue: Affects: epel-all [bug 1625427] Affects: fedora-all [bug 1625426]
Reproduced in hdf5 package on all RHOSP editions, using the provided reproducer file from the linked repository (https://github.com/TeamSeri0us/pocs/tree/master/hdf5/h5stat) h5stat H5L_extern_query\@H5Lexternal.c\:498-10___out-of-bounds-read Filename: H5L_extern_query:498-10___out-of-bounds-read Segmentation fault (core dumped) No upstream patch or source code analysis has been provided or performed, the backtrace provided in the PoC repository is the current best analysis.