OSV-2024-380
See a problem?- Import Source
- https://github.com/google/oss-fuzz-vulns/blob/main/vulns/hdf5/OSV-2024-380.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/OSV-2024-380
- Published
- 2024-04-30T00:12:11.366893Z
- Modified
- 2025-08-06T15:10:14.893372Z
- Summary
- Heap-use-after-free in H5FL__blk_gc_list
- Details
-
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67830
Crash type: Heap-use-after-free READ 8 Crash state: H5FL__blk_gc_list H5FL_blk_free H5O__free - References
Affected packages
OSS-Fuzz / hdf5
Package
- Name
- hdf5
- Purl
- pkg:generic/hdf5
Affected ranges
- Type
- GIT
- Repo
- https://github.com/HDFGroup/hdf5
- Events
-
IntroducedIntroducedIntroducedIntroducedFixedFixed
Affected versions
1.*
1.14.1
Other
final_autotools_develop
hdf5-1_10_10
hdf5-1_10_11
hdf5-1_12_3
hdf5-1_14_1
hdf5-1_14_1-2
hdf5-1_14_2
hdf5-1_14_3
hdf5-1_14_3-rc1
hdff5-1_14-_0
hdff5-1_14_0
snapshot
hdf5-1.*
hdf5-1.14.5
hdf5-1.14.6
hdf5_1.*
hdf5_1.14.4
hdf5_1.14.4.1
hdf5_1.14.4.2
hdf5_1.14.4.3
hdf5_1.14.5
hdf5_1.14.6
snapshot-1.*
snapshot-1.10
snapshot-1.12
snapshot-1.14
snapshot-1.16