===========================================================================
             AUSCERT External Security Bulletin Redistribution             
                                                                           
                               ESB-2024.1930                               
                         Security update for hdf5                          
                               28 March 2024                               
                                                                           
===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           hdf5                                                    
Publisher:         SUSE                                                    
Operating System:  SUSE                                                    
Resolution:        Patch/Upgrade                                           
CVE Names:         CVE-2020-10812 CVE-2018-11202 CVE-2019-8396             
                   CVE-2016-4332 CVE-2021-37501                            

Original Bulletin:
   https://www.suse.com/support/update/announcement/2024/suse-su-20240882-1

Comment: CVSS (Max):  8.6 CVE-2016-4332 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)
         CVSS Source: SUSE, [NIST]                                         
         Calculator:  https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H


- --------------------------BEGIN INCLUDED TEXT--------------------

Security update for hdf5

Announcement ID:    SUSE-SU-2024:0882-1
Rating:             moderate
References:         o bsc#1011205
                    o bsc#1093641
                    o bsc#1125882
                    o bsc#1167400
                    o bsc#1207973
                    o bsc#1209548
                    o bsc#133222
                    o jsc#PED-7816

Cross-References:   o CVE-2016-4332
                    o CVE-2018-11202
                    o CVE-2019-8396
                    o CVE-2020-10812
                    o CVE-2021-37501

CVSS scores:        o CVE-2016-4332 (NVD): 8.6 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
                    o CVE-2018-11202 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
                    o CVE-2018-11202 (NVD): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    o CVE-2019-8396 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
                    o CVE-2019-8396 (NVD): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    o CVE-2020-10812 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
                    o CVE-2020-10812 (NVD): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    o CVE-2021-37501 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
                    o CVE-2021-37501 (NVD): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:  o HPC Module 12
                    o SUSE Linux Enterprise High Performance Computing 12 SP2
                    o SUSE Linux Enterprise High Performance Computing 12 SP3
                    o SUSE Linux Enterprise High Performance Computing 12 SP4
                    o SUSE Linux Enterprise High Performance Computing 12 SP5
                    o SUSE Linux Enterprise Server 12 SP2
                    o SUSE Linux Enterprise Server 12 SP3
                    o SUSE Linux Enterprise Server 12 SP4
                    o SUSE Linux Enterprise Server 12 SP5
                    o SUSE Linux Enterprise Server for SAP Applications 12 SP2
                    o SUSE Linux Enterprise Server for SAP Applications 12 SP3
                    o SUSE Linux Enterprise Server for SAP Applications 12 SP4
                    o SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves five vulnerabilities, contains one feature and has two
security fixes can now be installed.

Description:

This update for hdf5 fixes the following issues:

Updated to version 1.10.11

  o Changed the error handling for a not found path in the find plugin process.
  o Fixed CVE-2018-11202, a malformed file could result in chunk index memory
    leaks.
  o Fixed a file space allocation bug in the parallel library for chunked
    datasets.
  o Fixed an assertion failure in Parallel HDF5 when a file can't be created
    due to an invalid library version bounds setting.
  o Fixed an assertion in a previous fix for CVE-2016-4332.
  o Fixed segfault on file close in h5debug which fails with a core dump on a
    file that has an illegal file size in its cache image. Fixes HDFFV-11052,
    CVE-2020-10812.
  o Fixed memory leaks that could occur when reading a dataset from a malformed
    file.
  o Fixed a bug in H5Ocopy that could generate invalid HDF5 files.
  o Fixed potential heap buffer overflow in decoding of link info message.
  o Fixed potential buffer overrun issues in some object header decode
    routines.
  o Fixed a heap buffer overflow that occurs when reading from a dataset with a
    compact layout within a malformed HDF5 file.
  o Fixed CVE-2019-8396, malformed HDF5 files where content does not match
    expected size.
  o Fixed memory leak when running h5dump with proof of vulnerability file.
  o Added option --no-compact-subset to h5diff.

Fixes since 1.10.10:

  o Fixed a memory corruption when reading from dataset using a hyperslab
    selection in file dataspace and a point selection memory dataspace.
  o Fixed CVE-2021-37501.
  o Fixed an issue with variable length attributes.
  o Fixed an issue with hyperslab selections where an incorrect combined
    selection was produced.
  o Fixed an issue with attribute type conversion with compound datatypes.
  o Modified H5Fstart_swmr_write() to preserve DAPL properties.
  o Converted an assertion on (possibly corrupt) file contents to a normal
    error check.
  o Fixed memory leak with variable-length fill value in H5O_fill_convert().
  o Fix h5repack to only print output when verbose option is selected.

Fixes since 1.10.9:

  o Several improvements to parallel compression feature, including:
      - Improved support for collective I/O (for both writes and reads).
      - Reduction of copying of application data buffers passed to H5Dwrite.
      - Addition of support for incremental file space allocation for filtered
        datasets created in parallel.
      - Addition of support for HDF5's "don't filter partial edge chunks" flag.
      - Addition of proper support for HDF5 fill values with the feature.
      - Addition of 'H5_HAVE_PARALLEL_FILTERED_WRITES' macro to H5pubconf.h so
        HDF5 applications can determine at compile-time whether the feature is
        available.
      - Addition of simple examples.
  o h5repack added an optional verbose value for reporting R/W timing.
  o Fixed a metadata cache bug when resizing a pinned/protected cache entry.
  o Fixed a problem with the H5_VERS_RELEASE check in the H5check_version
    function.
  o Unified handling of collective metadata reads to correctly fix old bugs.
  o Fixed several potential MPI deadlocks in library failure conditions.
  o Fixed an issue with collective metadata reads being permanently disabled
    after a dataset chunk lookup operation.

  o Remove timestamp/buildhost/kernel version from libhdf5.settings
    (bsc#1209548).

  o Set higher constraints for successful mpich tests (bsc#133222).

Patch Instructions:

To install this SUSE update, use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively, you can run the command listed for your product:

  o HPC Module 12
    zypper in -t patch SUSE-SLE-Module-HPC-12-2024-882=1

Package List:

  o HPC Module 12 (noarch)
       hdf5-gnu-mvapich2-hpc-devel-1.10.11-3.21.1
       hdf5-gnu-hpc-devel-1.10.11-3.21.1
       hdf5-gnu-openmpi1-hpc-devel-1.10.11-3.21.1
  o HPC Module 12 (aarch64 x86_64)
       hdf5_1_10_11-gnu-hpc-devel-1.10.11-3.21.1
       libhdf5_hl_fortran-gnu-hpc-1.10.11-3.21.1
       libhdf5_cpp_1_10_11-gnu-mvapich2-hpc-1.10.11-3.21.1
       hdf5_1_10_11-gnu-hpc-module-1.10.11-3.21.1
       libhdf5_fortran_1_10_11-gnu-openmpi1-hpc-1.10.11-3.21.1
       libhdf5hl_fortran_1_10_11-gnu-mvapich2-hpc-debuginfo-1.10.11-3.21.1
       libhdf5_1_10_11-gnu-hpc-1.10.11-3.21.1
       libhdf5_cpp_1_10_11-gnu-hpc-1.10.11-3.21.1
       libhdf5_fortran_1_10_11-gnu-hpc-1.10.11-3.21.1
       hdf5_1_10_11-gnu-mvapich2-hpc-module-1.10.11-3.21.1
       hdf5_1_10_11-gnu-hpc-debugsource-1.10.11-3.21.1
       hdf5_1_10_11-gnu-hpc-1.10.11-3.21.1
       libhdf5hl_fortran_1_10_11-gnu-hpc-debuginfo-1.10.11-3.21.1
       libhdf5_fortran-gnu-openmpi1-hpc-1.10.11-3.21.1
       libhdf5-gnu-hpc-1.10.11-3.21.1
       hdf5_1_10_11-gnu-mvapich2-hpc-1.10.11-3.21.1
       libhdf5_fortran_1_10_11-gnu-mvapich2-hpc-debuginfo-1.10.11-3.21.1
       libhdf5_fortran-gnu-mvapich2-hpc-1.10.11-3.21.1
       libhdf5_hl_1_10_11-gnu-openmpi1-hpc-debuginfo-1.10.11-3.21.1
       libhdf5_hl_cpp-gnu-hpc-1.10.11-3.21.1
       libhdf5_hl-gnu-mvapich2-hpc-1.10.11-3.21.1
       libhdf5_hl_cpp_1_10_11-gnu-openmpi1-hpc-1.10.11-3.21.1
       hdf5_1_10_11-gnu-mvapich2-hpc-devel-1.10.11-3.21.1
       hdf5_1_10_11-gnu-openmpi1-hpc-1.10.11-3.21.1
       libhdf5_1_10_11-gnu-openmpi1-hpc-1.10.11-3.21.1
       hdf5_1_10_11-gnu-mvapich2-hpc-devel-static-1.10.11-3.21.1
       libhdf5-gnu-mvapich2-hpc-1.10.11-3.21.1
       hdf5_1_10_11-gnu-openmpi1-hpc-devel-1.10.11-3.21.1
       libhdf5_1_10_11-gnu-mvapich2-hpc-1.10.11-3.21.1
       hdf5_1_10_11-gnu-mvapich2-hpc-debugsource-1.10.11-3.21.1
       libhdf5_1_10_11-gnu-hpc-debuginfo-1.10.11-3.21.1
       libhdf5_hl-gnu-openmpi1-hpc-1.10.11-3.21.1
       libhdf5_cpp_1_10_11-gnu-openmpi1-hpc-1.10.11-3.21.1
       libhdf5_hl_1_10_11-gnu-hpc-1.10.11-3.21.1
       hdf5_1_10_11-gnu-openmpi1-hpc-module-1.10.11-3.21.1
       libhdf5_hl_cpp_1_10_11-gnu-mvapich2-hpc-1.10.11-3.21.1
       libhdf5_1_10_11-gnu-openmpi1-hpc-debuginfo-1.10.11-3.21.1
       libhdf5_hl_1_10_11-gnu-mvapich2-hpc-1.10.11-3.21.1
       libhdf5_hl_fortran-gnu-mvapich2-hpc-1.10.11-3.21.1
       hdf5_1_10_11-gnu-openmpi1-hpc-debugsource-1.10.11-3.21.1
       libhdf5hl_fortran_1_10_11-gnu-openmpi1-hpc-1.10.11-3.21.1
       hdf5_1_10_11-gnu-openmpi1-hpc-debuginfo-1.10.11-3.21.1
       libhdf5_hl_1_10_11-gnu-mvapich2-hpc-debuginfo-1.10.11-3.21.1
       libhdf5_hl_cpp_1_10_11-gnu-hpc-debuginfo-1.10.11-3.21.1
       libhdf5hl_fortran_1_10_11-gnu-hpc-1.10.11-3.21.1
       hdf5_1_10_11-gnu-hpc-devel-static-1.10.11-3.21.1
       libhdf5hl_fortran_1_10_11-gnu-openmpi1-hpc-debuginfo-1.10.11-3.21.1
       libhdf5_hl_1_10_11-gnu-openmpi1-hpc-1.10.11-3.21.1
       hdf5_1_10_11-gnu-openmpi1-hpc-devel-static-1.10.11-3.21.1
       libhdf5_fortran-gnu-hpc-1.10.11-3.21.1
       libhdf5_cpp-gnu-hpc-1.10.11-3.21.1
       hdf5_1_10_11-gnu-mvapich2-hpc-debuginfo-1.10.11-3.21.1
       libhdf5_fortran_1_10_11-gnu-hpc-debuginfo-1.10.11-3.21.1
       libhdf5_hl-gnu-hpc-1.10.11-3.21.1
       libhdf5_1_10_11-gnu-mvapich2-hpc-debuginfo-1.10.11-3.21.1
       libhdf5_cpp_1_10_11-gnu-hpc-debuginfo-1.10.11-3.21.1
       libhdf5_hl_cpp_1_10_11-gnu-hpc-1.10.11-3.21.1
       libhdf5_hl_fortran-gnu-openmpi1-hpc-1.10.11-3.21.1
       hdf5_1_10_11-gnu-hpc-debuginfo-1.10.11-3.21.1
       libhdf5-gnu-openmpi1-hpc-1.10.11-3.21.1
       libhdf5hl_fortran_1_10_11-gnu-mvapich2-hpc-1.10.11-3.21.1
       libhdf5_fortran_1_10_11-gnu-openmpi1-hpc-debuginfo-1.10.11-3.21.1
       libhdf5_fortran_1_10_11-gnu-mvapich2-hpc-1.10.11-3.21.1
       libhdf5_hl_1_10_11-gnu-hpc-debuginfo-1.10.11-3.21.1
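The patch instructions give the command that installs the fix and the package list gives the fixed version-release, 1.10.11-3.21.1. The Python below is an added example, not SUSE's or AusCERT's tooling: it reimplements rpm's version ordering (the rpmvercmp segment rules, with tilde handled and the newer caret operator left out) and runs it over a constructed `rpm -qa`-style inventory to flag hdf5 packages whose installed build predates the fixed one. The sample package names and the older versions in it are invented for illustration; feeding it the output of `rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'` on a real host is an assumption about usage, not a SUSE instruction.

```python
"""Check an rpm package inventory against the fixed hdf5 version in this bulletin.

Added example, not SUSE's or AusCERT's code. The comparison follows rpm's
rpmvercmp rules (alphanumeric segments, numeric beats alpha, tilde sorts
before everything); the caret operator of newer rpm releases is not handled.
"""
import re
import string

# Fixed version-release taken from the Package List above.
FIXED_EVR = "1.10.11-3.21.1"

_KEEP = set(string.ascii_letters + string.digits + "~")
_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")


def rpm_vercmp(a, b):
    """Return 1, 0 or -1 for a > b, a == b, a < b in rpm version order."""
    if a == b:
        return 0
    i = j = 0
    while i < len(a) or j < len(b):
        # Separators (dots, pluses, underscores, ...) only delimit segments.
        while i < len(a) and a[i] not in _KEEP:
            i += 1
        while j < len(b) and b[j] not in _KEEP:
            j += 1
        # A tilde sorts before everything, even the end of the string (pre-releases).
        if (i < len(a) and a[i] == "~") or (j < len(b) and b[j] == "~"):
            if i >= len(a) or a[i] != "~":
                return 1
            if j >= len(b) or b[j] != "~":
                return -1
            i += 1
            j += 1
            continue
        if i >= len(a) or j >= len(b):
            break
        seg_a = _SEGMENT.match(a, i).group(0)
        seg_b = _SEGMENT.match(b, j).group(0)
        i += len(seg_a)
        j += len(seg_b)
        if seg_a.isdigit() != seg_b.isdigit():
            return 1 if seg_a.isdigit() else -1      # numeric segment is newer
        if seg_a.isdigit():
            if int(seg_a) != int(seg_b):
                return 1 if int(seg_a) > int(seg_b) else -1
        elif seg_a != seg_b:
            return 1 if seg_a > seg_b else -1
    # Whichever side still has segments left is the newer one.
    left_a, left_b = i < len(a), j < len(b)
    if left_a == left_b:
        return 0
    return 1 if left_a else -1


def split_evr(evr):
    """'[epoch:]version[-release]' -> (epoch, version, release); epoch defaults to 0."""
    epoch = "0"
    if ":" in evr:
        epoch, evr = evr.split(":", 1)
    version, sep, release = evr.rpartition("-")
    if not sep:                     # no release component present
        version, release = release, ""
    return epoch, version, release


def evr_cmp(a, b):
    """Compare two epoch:version-release strings the way rpm does."""
    for x, y in zip(split_evr(a), split_evr(b)):
        result = rpm_vercmp(x, y)
        if result:
            return result
    return 0


# Constructed sample of `rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'` output;
# the package names and the older versions are invented for illustration.
SAMPLE_RPM_QA = """\
libhdf5-gnu-hpc 1.10.11-3.21.1
libhdf5_1_10_11-gnu-hpc 1.10.11-3.21.1
libhdf5_hl_1_10_8-gnu-hpc 1.10.8-3.12.1
hdf5-gnu-hpc-devel 1.10.11-3.21.1
hdf5_1_10_11-gnu-openmpi1-hpc 1.10.11-3.18.2
bash 4.4-150400.25.22
"""


def outdated_hdf5(rpm_qa_text, fixed_evr=FIXED_EVR):
    """Return [(name, evr)] for hdf5 packages whose installed EVR predates the fix."""
    outdated = []
    for line in rpm_qa_text.splitlines():
        if not line.strip():
            continue
        name, evr = line.split()
        if not name.startswith(("hdf5", "libhdf5")):
            continue
        if evr_cmp(evr, fixed_evr) < 0:
            outdated.append((name, evr))
    return outdated


if __name__ == "__main__":
    for name, evr in outdated_hdf5(SAMPLE_RPM_QA):
        print(f"{name}: installed {evr} is older than fixed {FIXED_EVR}")
```

Comparing every hdf5- or libhdf5-prefixed name rather than a single package matters here because the module ships several flavours (serial, openmpi1, mvapich2) under versioned package names; the sample deliberately includes a build with the right version but an older release, which a plain version-string comparison would wrongly accept.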

References:

  o https://www.suse.com/security/cve/CVE-2016-4332.html
  o https://www.suse.com/security/cve/CVE-2018-11202.html
  o https://www.suse.com/security/cve/CVE-2019-8396.html
  o https://www.suse.com/security/cve/CVE-2020-10812.html
  o https://www.suse.com/security/cve/CVE-2021-37501.html
  o https://bugzilla.suse.com/show_bug.cgi?id=1011205
  o https://bugzilla.suse.com/show_bug.cgi?id=1093641
  o https://bugzilla.suse.com/show_bug.cgi?id=1125882
  o https://bugzilla.suse.com/show_bug.cgi?id=1167400
  o https://bugzilla.suse.com/show_bug.cgi?id=1207973
  o https://bugzilla.suse.com/show_bug.cgi?id=1209548
  o https://bugzilla.suse.com/show_bug.cgi?id=133222
  o https://jira.suse.com/browse/PED-7816

- --------------------------END INCLUDED TEXT----------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================