A flaw was found in in the HDF HDF5 through 1.10.3 library. A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
Created hdf5 tracking bugs for this issue:
Affects: epel-all [bug 1633855]
Affects: fedora-all [bug 1633854]