CVE-2025-6817
BaseFortify
Publication date: 2025-06-28
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hdfgroup | hdf5 | 1.14.6 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-404 | The product does not release or incorrectly releases a resource before it is made available for re-use. |
| CWE-400 | The product does not properly control the allocation and maintenance of a limited resource. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-6817 is a vulnerability in HDF5 version 1.14.6, specifically in the function H5C__load_entry in the source file src/H5Centry.c. It occurs because the program does not properly validate the size of memory allocations, allowing an attacker to trigger an attempt to allocate an excessively large amount of memory. This leads to uncontrolled resource consumption, which can cause the program to crash or become unavailable. The vulnerability can be exploited locally using specially crafted input and has been publicly disclosed with proof-of-concept exploits available. [1, 2, 3]
How can this vulnerability impact me? :
This vulnerability can impact you by causing denial of service (DoS) on systems using the affected HDF5 library. An attacker with local access can exploit the flaw to exhaust system resources, particularly memory, leading to crashes or unavailability of services relying on HDF5. This can disrupt normal operations and potentially cause system instability. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for abnormal resource consumption or crashes related to the HDF5 library, specifically in the function H5C__load_entry. Since the issue was discovered using fuzz testing with the h5_extended_fuzzer.c harness from OSS-Fuzz, running similar fuzz tests or using AddressSanitizer-enabled builds to detect allocation-size-too-big errors can help identify the vulnerability. There are no specific network detection commands since the attack requires local access. Suggested commands include running the OSS-Fuzz h5_extended_fuzzer or compiling HDF5 with AddressSanitizer and observing malloc failures or aborts related to large memory allocations in H5C__load_entry. [3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting local access to trusted users only, as exploitation requires local access. Since no known countermeasures or patches are currently available, consider replacing the affected HDF5 version 1.14.6 with an alternative or updated version once available. Monitoring for unusual resource consumption and crashes can help detect exploitation attempts. Applying build-time protections such as AddressSanitizer may help detect issues during testing but does not prevent exploitation in production. [2, 3]