{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-2310", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2025-03-14T12:55:04.703Z", "datePublished": "2025-03-14T21:00:09.852Z", "dateUpdated": "2025-03-18T16:20:19.740Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-03-14T21:00:09.852Z"}, "title": "HDF5 Metadata Attribute Decoder H5MM_strndup heap-based overflow", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-122", "lang": "en", "description": "Heap-based Buffer Overflow"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-119", "lang": "en", "description": "Memory Corruption"}]}], "affected": [{"vendor": "n/a", "product": "HDF5", "versions": [{"version": "1.14.6", "status": "affected"}], "modules": ["Metadata Attribute Decoder"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MM_strndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor was contacted early about a batch of vulnerabilities. His response was \"reject\" without further explanation. We have not received an elaboration even after asking politely for further details. Currently we assume that the vendor wants to \"dispute\" the entries which is why they are flagged as such until further details become available."}, {"lang": "de", "value": "Eine kritische Schwachstelle wurde in HDF5 1.14.6 gefunden. Betroffen davon ist die Funktion H5MM_strndup der Komponente Metadata Attribute Decoder. Mittels Manipulieren mit unbekannten Daten kann eine heap-based buffer overflow-Schwachstelle ausgenutzt werden. Umgesetzt werden muss der Angriff lokal. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Bisher konnte die Existenz der vermeintlichen Schwachstelle noch nicht eindeutig nachgewiesen werden."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}}], "timeline": [{"time": "2025-03-14T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2025-03-14T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2025-03-14T14:00:12.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Zhang Yaoliang (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.299723", "name": "VDB-299723 | HDF5 Metadata Attribute Decoder H5MM_strndup heap-based overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.299723", "name": "VDB-299723 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.514533", "name": "Submit #514533 | HDFGroup hdf5 v1.14.6 Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://github.com/madao123123/crash_report/blob/main/hdf5_poc/hdf5_poc4.md", "tags": ["exploit"]}], "tags": ["disputed"]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-17T16:06:31.208611Z", "id": "CVE-2025-2310", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-18T16:20:19.740Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2310", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-17T16:06:31.208611Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-17T16:06:37.552Z"}}], "cna": {"tags": ["disputed"], "title": "HDF5 Metadata Attribute Decoder H5MM_strndup heap-based overflow", "credits": [{"lang": "en", "type": "reporter", "value": "Zhang Yaoliang (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}}], "affected": [{"vendor": "n/a", "modules": ["Metadata Attribute Decoder"], "product": "HDF5", "versions": [{"status": "affected", "version": "1.14.6"}]}], "timeline": [{"lang": "en", "time": "2025-03-14T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2025-03-14T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2025-03-14T14:00:12.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.299723", "name": "VDB-299723 | HDF5 Metadata Attribute Decoder H5MM_strndup heap-based overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.299723", "name": "VDB-299723 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.514533", "name": "Submit #514533 | HDFGroup hdf5 v1.14.6 Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://github.com/madao123123/crash_report/blob/main/hdf5_poc/hdf5_poc4.md", "tags": ["exploit"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MM_strndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor was contacted early about a batch of vulnerabilities. His response was \"reject\" without further explanation. We have not received an elaboration even after asking politely for further details. Currently we assume that the vendor wants to \"dispute\" the entries which is why they are flagged as such until further details become available."}, {"lang": "de", "value": "Eine kritische Schwachstelle wurde in HDF5 1.14.6 gefunden. Betroffen davon ist die Funktion H5MM_strndup der Komponente Metadata Attribute Decoder. Mittels Manipulieren mit unbekannten Daten kann eine heap-based buffer overflow-Schwachstelle ausgenutzt werden. Umgesetzt werden muss der Angriff lokal. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Bisher konnte die Existenz der vermeintlichen Schwachstelle noch nicht eindeutig nachgewiesen werden."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-122", "description": "Heap-based Buffer Overflow"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "Memory Corruption"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-03-14T21:00:09.852Z"}}}, "cveMetadata": {"cveId": "CVE-2025-2310", "state": "PUBLISHED", "dateUpdated": "2025-03-18T16:20:19.740Z", "dateReserved": "2025-03-14T12:55:04.703Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2025-03-14T21:00:09.852Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"cveTags": [{"sourceIdentifier": "cna@vuldb.com", "tags": ["disputed"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MM_strndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor was contacted early about a batch of vulnerabilities. His response was \"reject\" without further explanation. We have not received an elaboration even after asking politely for further details. Currently we assume that the vendor wants to \"dispute\" the entries which is why they are flagged as such until further details become available."}], "id": "CVE-2025-2310", "lastModified": "2025-03-14T21:15:37.443", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2025-03-14T21:15:37.443", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/madao123123/crash_report/blob/main/hdf5_poc/hdf5_poc4.md"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.299723"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.299723"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.514533"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-122"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{"bugzilla": {"description": "HDF5: HDF5 Metadata Attribute Decoder H5MM_strndup heap-based overflow", "id": "2352651", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2352651"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "status": "draft"}, "cwe": "(CWE-119|CWE-122)", "details": ["A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MM_strndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor was contacted early about a batch of vulnerabilities. His response was \"reject\" without further explanation. We have not received an elaboration even after asking politely for further details. Currently we assume that the vendor wants to \"dispute\" the entries which is why they are flagged as such until further details become available.", "A vulnerability was found in HDF5. This issue affects the function H5MM_strndup of the component Metadata Attribute Decoder. Manipulation leads to a heap-based buffer overflow."], "name": "CVE-2025-2310", "package_state": [{"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "hdf5", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}], "public_date": "2025-03-14T21:00:09Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-2310\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-2310\nhttps://github.com/madao123123/crash_report/blob/main/hdf5_poc/hdf5_poc4.md\nhttps://vuldb.com/?ctiid.299723\nhttps://vuldb.com/?id.299723\nhttps://vuldb.com/?submit.514533"], "threat_severity": "Moderate"}