Bug 1101475 (CVE-2018-14031) - VUL-1: hdf5: CVE-2018-14031 hdf5: heap-based buffer over-read in the function H5T_copy in H5T.c
Summary: VUL-1: hdf5: CVE-2018-14031 hdf5: heap-based buffer over-read in the function...
Status: RESOLVED FIXED
Alias: CVE-2018-14031
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P4 - Low : Minor
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/210558/
Whiteboard: CVSSv2:NVD:CVE-2018-14031:6.8:(AV:N/...
Keywords:
Depends on:
Blocks:
 
Reported: 2018-07-17 13:18 UTC by Johannes Segitz
Modified: 2024-05-08 11:10 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2018-07-17 13:18:40 UTC 
rh#1600979

An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based
buffer over-read in the function H5T_copy in H5T.c.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1600979
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14031
https://github.com/TeamSeri0us/pocs/blob/master/hdf5/README2.md
Comment 1 Johannes Segitz 2018-07-17 13:18:56 UTC 
SUSE will not provide a fix for this issue since the risk to our customers posed by this is negligible.
Comment 2 Egbert Eich 2022-09-06 12:56:46 UTC 
SEGV during read:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff6bf5f47 in __memmove_avx_unaligned_erms () from /lib64/libc.so.6
Missing separate debuginfos, use: zypper install libz1-debuginfo-1.2.11-150000.3.33.1.x86_64
(gdb) bt
#0  0x00007ffff6bf5f47 in __memmove_avx_unaligned_erms () from /lib64/libc.so.6
#1  0x00007ffff7a5b12e in H5T_copy (old_dt=0x659760, 
    method=method@entry=H5T_COPY_ALL) at H5T.c:3400
(gdb) x/i $pc
=> 0x7ffff6bf5f47 <__memmove_avx_unaligned_erms+551>:	
    vmovdqu -0x20(%rsi,%rdx,1),%ymm8
Comment 5 Egbert Eich 2022-10-26 12:01:17 UTC 
Fix provided.
Comment 6 Swamp Workflow Management 2022-11-01 14:20:23 UTC 
SUSE-SU-2022:3824-1: An update that fixes 11 vulnerabilities is now available.

Category: security (important)
Bug References: 1093663,1101475,1101906,1107069,1111598,1125882,1167400,1194366,1194375,1195212,1195215
CVE References: CVE-2018-11205,CVE-2018-13867,CVE-2018-14031,CVE-2018-16438,CVE-2018-17439,CVE-2019-8396,CVE-2020-10812,CVE-2021-45830,CVE-2021-45833,CVE-2021-46242,CVE-2021-46244
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for HPC 12 (src):    hdf5_1_10_8-gnu-hpc-1.10.8-3.15.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-3.15.1, hdf5_1_10_8-gnu-openmpi1-hpc-1.10.8-3.15.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 7 Swamp Workflow Management 2022-11-01 14:22:33 UTC 
SUSE-SU-2022:3826-1: An update that fixes 11 vulnerabilities is now available.

Category: security (important)
Bug References: 1093663,1101475,1101906,1107069,1111598,1125882,1167400,1194366,1194375,1195212,1195215
CVE References: CVE-2018-11205,CVE-2018-13867,CVE-2018-14031,CVE-2018-16438,CVE-2018-17439,CVE-2019-8396,CVE-2020-10812,CVE-2021-45830,CVE-2021-45833,CVE-2021-46242,CVE-2021-46244
JIRA References: 
Sources used:
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150200.8.7.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150200.8.7.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150200.8.7.1, hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150200.8.7.1, hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150200.8.7.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150200.8.7.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150200.8.7.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150200.8.7.1, hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150200.8.7.1, hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150200.8.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 8 Swamp Workflow Management 2022-11-01 14:25:50 UTC 
SUSE-SU-2022:3825-1: An update that fixes 11 vulnerabilities is now available.

Category: security (important)
Bug References: 1093663,1101475,1101906,1107069,1111598,1125882,1167400,1194366,1194375,1195212,1195215
CVE References: CVE-2018-11205,CVE-2018-13867,CVE-2018-14031,CVE-2018-16438,CVE-2018-17439,CVE-2019-8396,CVE-2020-10812,CVE-2021-45830,CVE-2021-45833,CVE-2021-46242,CVE-2021-46244
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150400.3.3.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150400.3.3.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150400.3.3.1, hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150400.3.3.1, hdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150400.3.3.1
SUSE Linux Enterprise Module for HPC 15-SP4 (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150400.3.3.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150400.3.3.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150400.3.3.1, hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150400.3.3.1, hdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150400.3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 9 Swamp Workflow Management 2022-11-01 14:28:42 UTC 
SUSE-SU-2022:3827-1: An update that fixes 11 vulnerabilities is now available.

Category: security (important)
Bug References: 1093663,1101475,1101906,1107069,1111598,1125882,1167400,1194366,1194375,1195212,1195215
CVE References: CVE-2018-11205,CVE-2018-13867,CVE-2018-14031,CVE-2018-16438,CVE-2018-17439,CVE-2019-8396,CVE-2020-10812,CVE-2021-45830,CVE-2021-45833,CVE-2021-46242,CVE-2021-46244
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150100.7.7.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1, hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150100.7.7.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1, hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150100.7.7.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1, hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 10 Swamp Workflow Management 2022-11-01 14:32:23 UTC 
SUSE-SU-2022:3829-1: An update that fixes 11 vulnerabilities is now available.

Category: security (important)
Bug References: 1093663,1101475,1101906,1107069,1111598,1125882,1167400,1194366,1194375,1195212,1195215
CVE References: CVE-2018-11205,CVE-2018-13867,CVE-2018-14031,CVE-2018-16438,CVE-2018-17439,CVE-2019-8396,CVE-2020-10812,CVE-2021-45830,CVE-2021-45833,CVE-2021-46242,CVE-2021-46244
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
openSUSE Leap 15.3 (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
SUSE Linux Enterprise Module for HPC 15-SP3 (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1, hdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 11 Swamp Workflow Management 2022-11-01 14:33:51 UTC 
SUSE-SU-2022:3828-1: An update that fixes 11 vulnerabilities is now available.

Category: security (important)
Bug References: 1093663,1101475,1101906,1107069,1111598,1125882,1167400,1194366,1194375,1195212,1195215
CVE References: CVE-2018-11205,CVE-2018-13867,CVE-2018-14031,CVE-2018-16438,CVE-2018-17439,CVE-2019-8396,CVE-2020-10812,CVE-2021-45830,CVE-2021-45833,CVE-2021-46242,CVE-2021-46244
JIRA References: 
Sources used:
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150000.8.7.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.7.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.7.1, hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.7.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    hdf5_1_10_8-gnu-hpc-1.10.8-150000.8.7.1, hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.7.1, hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.7.1, hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.