An out-of-bounds read vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. https://talosintelligence.com/vulnerability_reports/TALOS-2022-1486
Created hdf5 tracking bugs for this issue: Affects: epel-all [bug 2172425] Affects: fedora-all [bug 2172424] Affects: openstack-rdo [bug 2172426]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-25942