Bug 1101906 (CVE-2018-13867) - VUL-1: hdf5: CVE-2018-13867 hdf5: out of bounds read in the function H5F__accum_read in H5Faccum.c
Summary: VUL-1: hdf5: CVE-2018-13867 hdf5: out of bounds read in the function H5F__acc...
Status: RESOLVED FIXED
Alias: CVE-2018-13867
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P4 - Low : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/210347/
Whiteboard: CVSSv2:NVD:CVE-2018-13867:7.5:(AV:N/...
Keywords:
Depends on:
Blocks: 1101742
  Show dependency treegraph
 
Reported: 2018-07-19 14:58 UTC by Karol Babioch
Modified: 2024-05-08 11:14 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
QA reproducer (1.91 KB, application/octet-stream)
2018-07-19 14:58 UTC, Karol Babioch 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Karol Babioch 2018-07-19 14:58:04 UTC 
rh#1601454

An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of
bounds read in the function H5F__accum_read in H5Faccum.c.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1601454
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-13867
Comment 1 Karol Babioch 2018-07-19 14:58:29 UTC 
Created attachment 777491 [details]
QA reproducer
Comment 2 Karol Babioch 2018-07-19 15:03:18 UTC 
SUSE will not provide a fix for this issue since the risk to our customers posed by this is negligible.
Comment 3 Karol Babioch 2018-07-19 15:03:32 UTC 
See previous comment
Comment 4 Egbert Eich 2022-09-06 12:47:18 UTC 
SEGV during read access:
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff6bf5df8 in __memmove_avx_unaligned_erms () from /lib64/libc.so.6
Missing separate debuginfos, use: zypper install libz1-debuginfo-1.2.11-150000.3.33.1.x86_64
(gdb) bt
#0  0x00007ffff6bf5df8 in __memmove_avx_unaligned_erms () from /lib64/libc.so.6
#1  0x00007ffff78fa0e6 in H5F__accum_read (f=f@entry=0x675b10, 
    map_type=map_type@entry=H5FD_MEM_LHEAP, 
    addr=addr@entry=18446744073709551615, size=size@entry=256, 
    buf=buf@entry=0x67c090) at H5Faccum.c:201
Comment 6 Egbert Eich 2022-10-26 11:59:17 UTC 
Fix provided.
Comment 7 Swamp Workflow Management 2022-11-01 14:20:28 UTC 
SUSE-SU-2022:3824-1: An update that fixes 11 vulnerabilities is now available.

Category: security (important)
Bug References: 1093663,1101475,1101906,1107069,1111598,1125882,1167400,1194366,1194375,1195212,1195215
CVE References: CVE-2018-11205,CVE-2018-13867,CVE-2018-14031,CVE-2018-16438,CVE-2018-17439,CVE-2019-8396,CVE-2020-10812,CVE-2021-45830,CVE-2021-45833,CVE-2021-46242,CVE-2021-46244
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for HPC 12 (src):    hdf5_1_10_8-gnu-hpc-1.10.8-3.15.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-3.15.1, hdf5_1_10_8-gnu-openmpi1-hpc-1.10.8-3.15.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 8 Swamp Workflow Management 2022-11-01 14:22:37 UTC 
SUSE-SU-2022:3826-1: An update that fixes 11 vulnerabilities is now available.

Category: security (important)
Bug References: 1093663,1101475,1101906,1107069,1111598,1125882,1167400,1194366,1194375,1195212,1195215
CVE References: CVE-2018-11205,CVE-2018-13867,CVE-2018-14031,CVE-2018-16438,CVE-2018-17439,CVE-2019-8396,CVE-2020-10812,CVE-2021-45830,CVE-2021-45833,CVE-2021-46242,CVE-2021-46244
JIRA References: 
Sources used:
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150200.8.7.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150200.8.7.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150200.8.7.1, hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150200.8.7.1, hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150200.8.7.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150200.8.7.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150200.8.7.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150200.8.7.1, hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150200.8.7.1, hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150200.8.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 9 Swamp Workflow Management 2022-11-01 14:25:54 UTC 
SUSE-SU-2022:3825-1: An update that fixes 11 vulnerabilities is now available.

Category: security (important)
Bug References: 1093663,1101475,1101906,1107069,1111598,1125882,1167400,1194366,1194375,1195212,1195215
CVE References: CVE-2018-11205,CVE-2018-13867,CVE-2018-14031,CVE-2018-16438,CVE-2018-17439,CVE-2019-8396,CVE-2020-10812,CVE-2021-45830,CVE-2021-45833,CVE-2021-46242,CVE-2021-46244
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150400.3.3.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150400.3.3.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150400.3.3.1, hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150400.3.3.1, hdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150400.3.3.1
SUSE Linux Enterprise Module for HPC 15-SP4 (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150400.3.3.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150400.3.3.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150400.3.3.1, hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150400.3.3.1, hdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150400.3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 10 Swamp Workflow Management 2022-11-01 14:28:46 UTC 
SUSE-SU-2022:3827-1: An update that fixes 11 vulnerabilities is now available.

Category: security (important)
Bug References: 1093663,1101475,1101906,1107069,1111598,1125882,1167400,1194366,1194375,1195212,1195215
CVE References: CVE-2018-11205,CVE-2018-13867,CVE-2018-14031,CVE-2018-16438,CVE-2018-17439,CVE-2019-8396,CVE-2020-10812,CVE-2021-45830,CVE-2021-45833,CVE-2021-46242,CVE-2021-46244
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150100.7.7.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1, hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150100.7.7.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1, hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150100.7.7.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1, hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 11 Swamp Workflow Management 2022-11-01 14:32:27 UTC 
SUSE-SU-2022:3829-1: An update that fixes 11 vulnerabilities is now available.

Category: security (important)
Bug References: 1093663,1101475,1101906,1107069,1111598,1125882,1167400,1194366,1194375,1195212,1195215
CVE References: CVE-2018-11205,CVE-2018-13867,CVE-2018-14031,CVE-2018-16438,CVE-2018-17439,CVE-2019-8396,CVE-2020-10812,CVE-2021-45830,CVE-2021-45833,CVE-2021-46242,CVE-2021-46244
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
openSUSE Leap 15.3 (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
SUSE Linux Enterprise Module for HPC 15-SP3 (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 12 Swamp Workflow Management 2022-11-01 14:33:56 UTC 
SUSE-SU-2022:3828-1: An update that fixes 11 vulnerabilities is now available.

Category: security (important)
Bug References: 1093663,1101475,1101906,1107069,1111598,1125882,1167400,1194366,1194375,1195212,1195215
CVE References: CVE-2018-11205,CVE-2018-13867,CVE-2018-14031,CVE-2018-16438,CVE-2018-17439,CVE-2019-8396,CVE-2020-10812,CVE-2021-45830,CVE-2021-45833,CVE-2021-46242,CVE-2021-46244
JIRA References: 
Sources used:
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150000.8.7.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.7.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.7.1, hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.7.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150000.8.7.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.7.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.7.1, hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.