Login Sign Up

CVE-2024-32607

5.7 MEDIUM
Denial of Service

📋 TL;DR

CVE-2024-32607 is a memory corruption vulnerability in the HDF5 library that can cause a segmentation fault (SEGV) when closing attributes, potentially allowing attackers to crash applications or execute arbitrary code. This affects any software using vulnerable versions of the HDF5 library for scientific data storage. Users of HDF5-dependent applications in research, engineering, and data analysis are at risk.

💻 Affected Systems

Products:
  • HDF5 Library
  • Applications using HDF5 library (e.g., scientific software, data analysis tools)
Versions: HDF5 versions through 1.14.3
Operating Systems: All platforms supported by HDF5 (Linux, Windows, macOS, Unix)
Default Config Vulnerable: ⚠️ Yes
Notes: Any application linking against vulnerable HDF5 versions is affected regardless of configuration.

📦 What is this software?

Hdf5 by Hdfgroup

View all CVEs affecting Hdf5 →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete system compromise if an attacker can trigger the vulnerability through malicious HDF5 files.

🟠

Likely Case

Denial of service through application crashes when processing specially crafted HDF5 files.

🟢

If Mitigated

Limited impact with proper input validation and sandboxing of HDF5 file processing.

🌐 Internet-Facing: MEDIUM - Applications accepting HDF5 files from untrusted sources could be exploited remotely.
🏢 Internal Only: LOW - Internal systems not processing external HDF5 files have minimal exposure.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires crafting malicious HDF5 files to trigger the SEGV, but no public exploit code is available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: HDF5 1.14.4

Vendor Advisory: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/

Restart Required: Yes

Instructions:

1. Download HDF5 1.14.4 from hdfgroup.org. 2. Compile and install the new version. 3. Recompile any applications using HDF5 against the patched library. 4. Restart affected services.

🔧 Temporary Workarounds

Input validation for HDF5 files

all

Implement strict validation of HDF5 files before processing to reject potentially malicious content.

Sandbox HDF5 processing

all

Isolate HDF5 file processing in containers or restricted environments to limit impact.

🧯 If You Can't Patch

  • Restrict HDF5 file sources to trusted origins only.
  • Monitor for application crashes related to HDF5 processing and investigate anomalies.

🔍 How to Verify

Check if Vulnerable:

Check HDF5 library version with 'h5dump --version' or examine linked libraries in applications.

Check Version:

h5dump --version | grep 'HDF5'

Verify Fix Applied:

Confirm HDF5 version is 1.14.4 or later and test with known HDF5 files to ensure no crashes.

📡 Detection & Monitoring

Log Indicators:

  • Segmentation fault (SEGV) errors in application logs
  • Unexpected process termination when handling HDF5 files

Network Indicators:

  • Unusual HDF5 file transfers to sensitive systems

SIEM Query:

Process:name contains 'h5' AND Event:contains 'segmentation fault'

📊 Metadata

CVE ID: CVE-2024-32607
CVSS v3 Score: 5.7 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
CWE: CWE-125
Published: May 14, 2024
Last Updated: April 18, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-32607, you might also want to check these:

CVE-2021-41556 10.0

CVE-2021-41556 is a critical out-of-bounds read vulnerability in Squirrel scripting language that al...

Same vulnerability type (CWE-125)
CVE-2024-22004 10.0

This vulnerability allows attackers with privileged access on Linux non-secure operating systems to ...

Same vulnerability type (CWE-125)
CVE-2021-21777 10.0

CVE-2021-21777 is a critical out-of-bounds read vulnerability in the Ethernet/IP UDP handler of OpEN...

Same vulnerability type (CWE-125)