CVE-2026-8084
Undergoing Analysis Undergoing Analysis - In Progress
Heap-based Buffer Overflow in OSGeo GDAL

Publication date: 2026-05-07

Last updated on: 2026-05-08

Assigner: VulDB

Description
A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. Upgrading to version 3.13.0RC1 is able to resolve this issue. Patch name: a791f70f8eaec540974ec989ca6fb00266b7646c. Upgrading the affected component is advised.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-07
Last Modified
2026-05-08
Generated
2026-06-19
AI Q&A
2026-05-08
EPSS Evaluated
2026-06-18
NVD
CVE-2026-8084
EUVD
EUVD-2026-28417
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
osgeo gdal to 3.12.4 (inc)
osgeo gdal 3.13.0
osgeo gdal 3.13.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

There is no information provided in the available context or resources about how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

CVE-2026-8084 is an out-of-bounds read vulnerability in the OSGeo GDAL library, specifically in the HDF-EOS Grid File Handler component within the SWapi.c file. The issue arises in the memmove function when it attempts to strip parentheses from a DimList metadata value without properly validating the string length. If the DimList value is empty or only a single character, the length calculation underflows, causing memmove to read an extremely large amount of memory beyond the allocated buffer. This leads to a crash due to invalid memory access.

The vulnerability is triggered locally when processing a crafted HDF-EOS swath file, for example via the gdalmdiminfo utility. The root cause is the assumption that DimList values are always parenthesized, which is not guaranteed. The issue was fixed by adding proper length checks before performing the memmove operation.

Impact Analysis

This vulnerability can cause a denial-of-service (DoS) condition by crashing applications that process maliciously crafted HDF-EOS grid files using the affected GDAL component. Since the out-of-bounds read leads to an immediate crash, attackers with local access can exploit this to disrupt services or applications relying on GDAL for geospatial data processing.

The attack requires local execution privileges, so remote exploitation is not possible. However, if an attacker can run code locally or trick a user into processing a malicious file, they can trigger this crash.

Detection Guidance

This vulnerability is triggered locally when processing a malicious HDF-EOS grid file using the gdalmdiminfo utility. Detection involves identifying attempts to process crafted HDF-EOS swath files with malformed DimList metadata values that cause out-of-bounds reads.

One way to detect exploitation attempts is to monitor for crashes or abnormal behavior of the gdalmdiminfo tool when it processes HDF-EOS files.

Since the vulnerability is related to the SWfinfo function in SWapi.c and triggered by malformed DimList values, you can attempt to reproduce the issue by running gdalmdiminfo on suspicious or untrusted HDF-EOS files.

Example command to test a file for the vulnerability (use with caution on untrusted files):

  • gdalmdiminfo suspicious_file.he4

If the tool crashes or exhibits abnormal behavior, it may indicate the presence of the vulnerability.

Mitigation Strategies

The primary mitigation step is to upgrade the affected GDAL component to version 3.13.0RC1 or later, where the vulnerability has been fixed.

The fix involves adding bounds checking before performing string manipulation operations in the vulnerable SWapi.c file to prevent out-of-bounds reads.

Until the upgrade can be applied, avoid processing untrusted or malformed HDF-EOS grid files with gdalmdiminfo or other GDAL tools that use the vulnerable code.

Monitoring for crashes or abnormal behavior in GDAL utilities when handling HDF-EOS files can help detect exploitation attempts.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-8084. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart