CVE-2025-6858
BaseFortify
Publication date: 2025-06-29
Last updated on: 2026-04-29
Assigner: VulDB
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hdfgroup | hdf5 | 1.14.6 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-404 | The product does not release or incorrectly releases a resource before it is made available for re-use. |
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-6858 is a null pointer dereference vulnerability in the HDF5 library version 1.14.6, specifically in the function H5C__flush_single_entry. This flaw occurs when the function attempts to dereference a pointer that is unexpectedly NULL, causing the application to crash with a segmentation fault. The vulnerability can be triggered by specially crafted input files and requires local access to exploit. It affects the core caching mechanism of HDF5, leading to denial of service by crashing the application. [1, 2, 3]
How can this vulnerability impact me?
This vulnerability can cause the HDF5 application or any software using the affected HDF5 library to crash unexpectedly, resulting in denial of service. Since it requires local access, an attacker with local privileges can exploit it to disrupt availability of the software. There is no indication of data confidentiality or integrity being affected, but the crash can interrupt normal operations and potentially cause loss of service. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by reproducing the crash using specially crafted HDF5 files that trigger the null pointer dereference in the function H5C__flush_single_entry. Detection can be aided by running fuzz testing tools such as OSS-Fuzz's h5_extended_fuzzer.c harness or using AddressSanitizer to monitor for invalid memory accesses during HDF5 file processing. A proof-of-concept input file (e.g., hdf5_crash_8.txt) can be used to trigger the crash. Specific commands would involve running the HDF5 application or library with the crafted input under AddressSanitizer or a similar memory error detector. For example, compiling HDF5 with AddressSanitizer enabled and running: `./h5dump hdf5_crash_8.txt` or using the OSS-Fuzz harness to fuzz test the library. [3]
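A triage helper for the detection approach described above, added here as an example and not taken from the advisory or the HDF5 project: it runs an HDF5 tool in a child process and reports whether the run died on SIGSEGV or produced an AddressSanitizer report with `H5C__flush_single_entry` in the stack. The names `triage` and `run_and_triage` are hypothetical, and the sample report is constructed.

```python
import re
import signal
import subprocess
import sys

TARGET_FRAME = "H5C__flush_single_entry"  # function named in the CVE description
ASAN_HEADER = re.compile(r"==\d+==ERROR: AddressSanitizer: (\S+)")
ASAN_FRAME = re.compile(r"^\s*#(\d+) 0x[0-9a-fA-F]+ in (\S+)", re.MULTILINE)

def triage(returncode, stderr):
    """Classify one run of an HDF5 tool from its exit status and stderr."""
    header = ASAN_HEADER.search(stderr)
    frames = [name for _, name in ASAN_FRAME.findall(stderr)]
    # Without ASan a NULL dereference kills the process with SIGSEGV, which
    # subprocess reports as a negative return code. With ASan the process
    # prints a report and exits non-zero instead, so both must be checked.
    segv = returncode == -signal.SIGSEGV
    crashed = segv or header is not None
    return {
        "crashed": crashed,
        "kind": header.group(1) if header else ("SIGSEGV" if segv else None),
        "in_target": TARGET_FRAME in frames,
        "top_frame": frames[0] if frames else None,
    }

def run_and_triage(cmd, timeout=30):
    """Run cmd (e.g. ["./h5dump", path]) in a child process and triage it."""
    proc = subprocess.run(cmd, capture_output=True, text=True,
                          errors="replace", timeout=timeout)
    return triage(proc.returncode, proc.stderr)

# Constructed ASan report: pid, addresses, paths and offsets are made up.
SAMPLE_ASAN = """\
==4242==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f00deadbeef bp 0x7ffc00000010 sp 0x7ffc00000000 T0)
==4242==The signal is caused by a READ memory access.
    #0 0x7f00deadbeef in H5C__flush_single_entry (/opt/hdf5-asan/lib/libhdf5.so+0x1beef)
    #1 0x55550004c0de in main (/opt/hdf5-asan/bin/h5dump+0x4c0de)
"""

if __name__ == "__main__":
    if len(sys.argv) > 1:
        print(run_and_triage(sys.argv[1:]))   # e.g. ./h5dump <file>
    else:
        print(triage(1, SAMPLE_ASAN))
```

Because the tool runs in a child process, a crash is recorded as a result instead of terminating the calling script.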
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting local access to systems running the vulnerable HDF5 version 1.14.6, as exploitation requires local access. Since no patches or fixes are currently available, consider replacing the affected HDF5 component with an alternative or earlier version not affected by this issue. Monitoring for updates from the HDF5 project and applying patches once released is also recommended. Additionally, avoid processing untrusted or specially crafted HDF5 files that could trigger the vulnerability. [2]