High severity8.1NVD Advisory· Published May 16, 2018· Updated Jun 17, 2026
CVE-2018-11206
CVE-2018-11206
Description
An out of bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
53- osv-coords52 versionspkg:rpm/opensuse/hdf5_1_10_8-gnu-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/hdf5_1_10_8-gnu-hpc&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/hdf5_1_10_8-gnu-mpich-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/hdf5_1_10_8-gnu-mpich-hpc&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/hdf5_1_10_8-gnu-mvapich2-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/hdf5_1_10_8-gnu-mvapich2-hpc&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/hdf5_1_10_8-gnu-openmpi3-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/hdf5_1_10_8-gnu-openmpi3-hpc&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/hdf5_1_10_8-gnu-openmpi4-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/hdf5_1_10_8-gnu-openmpi4-hpc&distro=openSUSE%20Leap%2015.4pkg:rpm/suse/hdf5_1_10_8-gnu-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/hdf5_1_10_8-gnu-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/hdf5_1_10_8-gnu-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/hdf5_1_10_8-gnu-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/hdf5_1_10_8-gnu-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/hdf5_1_10_8-gnu-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/hdf5_1_10_8-gnu-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2012pkg:rpm/suse/hdf5_1_10_8-gnu-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP3pkg:rpm/suse/hdf5_1_10_8-gnu-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/hdf5_1_10_8-gnu-mpich-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/hdf5_1_10_8-gnu-mpich-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/hdf5_1_10_8-gnu-mpich-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/hdf5_1_10_8-gnu-mpich-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/hdf5_1_10_8-gnu-mpich-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/hdf5_1_10_8-gnu-mpich-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/hdf5_1_10_8-gnu-mpich-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP3pkg:rpm/suse/hdf5_1_10_8-gnu-mpich-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/hdf5_1_10_8-gnu-mvapich2-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/hdf5_1_10_8-gnu-mvapich2-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/hdf5_1_10_8-gnu-mvapich2-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/hdf5_1_10_8-gnu-mvapich2-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/hdf5_1_10_8-gnu-mvapich2-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/hdf5_1_10_8-gnu-mvapich2-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/hdf5_1_10_8-gnu-mvapich2-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2012pkg:rpm/suse/hdf5_1_10_8-gnu-mvapich2-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP3pkg:rpm/suse/hdf5_1_10_8-gnu-mvapich2-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/hdf5_1_10_8-gnu-openmpi1-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2012pkg:rpm/suse/hdf5_1_10_8-gnu-openmpi2-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/hdf5_1_10_8-gnu-openmpi2-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/hdf5_1_10_8-gnu-openmpi2-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/hdf5_1_10_8-gnu-openmpi2-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/hdf5_1_10_8-gnu-openmpi2-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/hdf5_1_10_8-gnu-openmpi2-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/hdf5_1_10_8-gnu-openmpi3-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/hdf5_1_10_8-gnu-openmpi3-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/hdf5_1_10_8-gnu-openmpi3-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP3pkg:rpm/suse/hdf5_1_10_8-gnu-openmpi3-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/hdf5_1_10_8-gnu-openmpi4-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP3pkg:rpm/suse/hdf5_1_10_8-gnu-openmpi4-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/suse-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/suse-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/suse-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2012
< 1.10.8-150300.4.3.1+ 51 more
- (no CPE)range: < 1.10.8-150300.4.3.1
- (no CPE)range: < 1.10.8-150300.4.3.1
- (no CPE)range: < 1.10.8-150300.4.3.2
- (no CPE)range: < 1.10.8-150300.4.3.2
- (no CPE)range: < 1.10.8-150300.4.3.1
- (no CPE)range: < 1.10.8-150300.4.3.1
- (no CPE)range: < 1.10.8-150300.4.3.2
- (no CPE)range: < 1.10.8-150300.4.3.2
- (no CPE)range: < 1.10.8-150300.4.3.2
- (no CPE)range: < 1.10.8-150300.4.3.2
- (no CPE)range: < 1.10.8-150100.7.4.3
- (no CPE)range: < 1.10.8-150100.7.4.3
- (no CPE)range: < 1.10.8-150200.8.4.2
- (no CPE)range: < 1.10.8-150200.8.4.2
- (no CPE)range: < 1.10.8-150000.8.4.3
- (no CPE)range: < 1.10.8-150000.8.4.3
- (no CPE)range: < 1.10.8-3.12.2
- (no CPE)range: < 1.10.8-150300.4.3.1
- (no CPE)range: < 1.10.8-150300.4.3.1
- (no CPE)range: < 1.10.8-150100.7.4.3
- (no CPE)range: < 1.10.8-150100.7.4.3
- (no CPE)range: < 1.10.8-150200.8.4.3
- (no CPE)range: < 1.10.8-150200.8.4.3
- (no CPE)range: < 1.10.8-150000.8.4.3
- (no CPE)range: < 1.10.8-150000.8.4.3
- (no CPE)range: < 1.10.8-150300.4.3.2
- (no CPE)range: < 1.10.8-150300.4.3.2
- (no CPE)range: < 1.10.8-150100.7.4.3
- (no CPE)range: < 1.10.8-150100.7.4.3
- (no CPE)range: < 1.10.8-150200.8.4.2
- (no CPE)range: < 1.10.8-150200.8.4.2
- (no CPE)range: < 1.10.8-150000.8.4.3
- (no CPE)range: < 1.10.8-150000.8.4.3
- (no CPE)range: < 1.10.8-3.12.2
- (no CPE)range: < 1.10.8-150300.4.3.1
- (no CPE)range: < 1.10.8-150300.4.3.1
- (no CPE)range: < 1.10.8-3.12.2
- (no CPE)range: < 1.10.8-150100.7.4.3
- (no CPE)range: < 1.10.8-150100.7.4.3
- (no CPE)range: < 1.10.8-150200.8.4.2
- (no CPE)range: < 1.10.8-150200.8.4.2
- (no CPE)range: < 1.10.8-150000.8.4.3
- (no CPE)range: < 1.10.8-150000.8.4.3
- (no CPE)range: < 1.10.8-150200.8.4.2
- (no CPE)range: < 1.10.8-150200.8.4.2
- (no CPE)range: < 1.10.8-150300.4.3.2
- (no CPE)range: < 1.10.8-150300.4.3.2
- (no CPE)range: < 1.10.8-150300.4.3.2
- (no CPE)range: < 1.10.8-150300.4.3.2
- (no CPE)range: < 0.5.20220206.0c6b168-150000.11.3.1
- (no CPE)range: < 0.5.20220206.0c6b168-150000.11.3.1
- (no CPE)range: < 0.5.20220206.0c6b168-5.2
Patches
Vulnerability mechanics
References
3- github.com/Twi1ight/fuzzing-pocs/tree/master/hdf5nvdExploitThird Party Advisory
- github.com/TeamSeri0us/pocs/blob/master/hdf5/README2.mdnvdThird Party Advisory
- lists.debian.org/debian-lts-announce/2023/08/msg00009.htmlnvd
News mentions
0No linked articles in our index yet.