CVE-2024-32615: Buffer Overflow
First published: Tue May 14 2024(Updated: )
HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5Z__nbit_decompress_one_byte in H5Znbit.c, caused by the earlier use of an initialized pointer.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HDF5 | <1.14.4 | |
| HDF5 | <=1.14.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-32615?
CVE-2024-32615 is classified as a high severity vulnerability due to the potential for remote code execution from a heap-based buffer overflow.
How do I fix CVE-2024-32615?
To mitigate CVE-2024-32615, update to HDF5 Library version 1.14.4 or later where the vulnerability has been addressed.
What types of systems are affected by CVE-2024-32615?
CVE-2024-32615 affects the HDF5 Library versions up to and including 1.14.3.
What impact does CVE-2024-32615 have on applications utilizing the HDF5 Library?
Applications utilizing the affected HDF5 Library versions may be susceptible to arbitrary code execution or crashes due to the buffer overflow.
When was CVE-2024-32615 disclosed?
CVE-2024-32615 was disclosed in May 2024.
- agent/description
- agent/type
- agent/author
- agent/first-publish-date
- agent/severity
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/source
- agent/last-modified-date
- agent/references
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/softwarecombine
- agent/tags
- agent/event
- agent/guess-ai
- agent/software-canonical-lookup-request
- vendor/hdfgroup
- canonical/hdf5
- vendor/hdf group