{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-6856", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2025-06-28T10:42:51.429Z", "datePublished": "2025-06-29T09:31:05.927Z", "dateUpdated": "2025-06-30T16:02:47.962Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-06-29T09:31:05.927Z"}, "title": "HDF5 H5FL.c H5FL__reg_gc_list use after free", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-416", "lang": "en", "description": "Use After Free"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-119", "lang": "en", "description": "Memory Corruption"}]}], "affected": [{"vendor": "n/a", "product": "HDF5", "versions": [{"version": "1.14.6", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FL__reg_gc_list of the file src/H5FL.c. The manipulation leads to use after free. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used."}, {"lang": "de", "value": "Es wurde eine Schwachstelle in HDF5 1.14.6 gefunden. Sie wurde als problematisch eingestuft. Dabei betrifft es die Funktion H5FL__reg_gc_list der Datei src/H5FL.c. Durch die Manipulation mit unbekannten Daten kann eine use after free-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R", "baseSeverity": "LOW"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R", "baseSeverity": "LOW"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2025-06-28T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2025-06-28T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2025-06-28T12:48:03.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "JJLeo (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.314328", "name": "VDB-314328 | HDF5 H5FL.c H5FL__reg_gc_list use after free", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.314328", "name": "VDB-314328 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.602528", "name": "Submit #602528 | HDFGroup HDF5 hdf5 1.14.6 (commit 17c16b6) Use After Free", "tags": ["third-party-advisory"]}, {"url": "https://github.com/HDFGroup/hdf5/issues/5574", "tags": ["issue-tracking"]}, {"url": "https://github.com/user-attachments/files/20623417/hdf5_crash_6.txt", "tags": ["exploit"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-30T16:02:34.968154Z", "id": "CVE-2025-6856", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-30T16:02:47.962Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "HDF5 H5FL.c H5FL__reg_gc_list use after free", "credits": [{"lang": "en", "type": "reporter", "value": "JJLeo (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "n/a", "product": "HDF5", "versions": [{"status": "affected", "version": "1.14.6"}]}], "timeline": [{"lang": "en", "time": "2025-06-28T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2025-06-28T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2025-06-28T12:48:03.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.314328", "name": "VDB-314328 | HDF5 H5FL.c H5FL__reg_gc_list use after free", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.314328", "name": "VDB-314328 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.602528", "name": "Submit #602528 | HDFGroup HDF5 hdf5 1.14.6 (commit 17c16b6) Use After Free", "tags": ["third-party-advisory"]}, {"url": "https://github.com/HDFGroup/hdf5/issues/5574", "tags": ["issue-tracking"]}, {"url": "https://github.com/user-attachments/files/20623417/hdf5_crash_6.txt", "tags": ["exploit"]}], "descriptions": [{"lang": "en", "value": "A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FL__reg_gc_list of the file src/H5FL.c. The manipulation leads to use after free. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used."}, {"lang": "de", "value": "Es wurde eine Schwachstelle in HDF5 1.14.6 gefunden. Sie wurde als problematisch eingestuft. Dabei betrifft es die Funktion H5FL__reg_gc_list der Datei src/H5FL.c. Durch die Manipulation mit unbekannten Daten kann eine use after free-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "Use After Free"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "Memory Corruption"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-06-29T09:31:05.927Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-6856", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-06-30T16:02:34.968154Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2025-06-30T16:02:40.340Z"}}]}, "cveMetadata": {"cveId": "CVE-2025-6856", "state": "PUBLISHED", "dateUpdated": "2025-06-29T09:31:05.927Z", "dateReserved": "2025-06-28T10:42:51.429Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2025-06-29T09:31:05.927Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FL__reg_gc_list of the file src/H5FL.c. The manipulation leads to use after free. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad clasificada como problem\u00e1tica en HDF5 1.14.6. La funci\u00f3n H5FL__reg_gc_list del archivo src/H5FL.c est\u00e1 afectada. La manipulaci\u00f3n provoca el use after free. Es necesario atacar localmente. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."}], "id": "CVE-2025-6856", "lastModified": "2025-06-30T18:38:23.493", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 1.7, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2025-06-29T10:15:21.443", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/HDFGroup/hdf5/issues/5574"}, {"source": "cna@vuldb.com", "url": "https://github.com/user-attachments/files/20623417/hdf5_crash_6.txt"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.314328"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.314328"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.602528"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-416"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{"bugzilla": {"description": "hdf5: HDF5 Use-After-Free Vulnerability", "id": "2375414", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2375414"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "(CWE-119|CWE-416)", "details": ["A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FL__reg_gc_list of the file src/H5FL.c. The manipulation leads to use after free. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.", "A flaw was found in hdf5. The H5FL__reg_gc_list function in src/H5FL.c contains a use-after-free condition, requiring local attacker interaction. Manipulation of the file triggers this condition, potentially leading to a denial of service. This vulnerability stems from improper memory management during garbage collection list registration."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-6856", "package_state": [{"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "hdf5", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}], "public_date": "2025-06-29T09:31:05Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-6856\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-6856\nhttps://github.com/HDFGroup/hdf5/issues/5574\nhttps://github.com/user-attachments/files/20623417/hdf5_crash_6.txt\nhttps://vuldb.com/?ctiid.314328\nhttps://vuldb.com/?id.314328\nhttps://vuldb.com/?submit.602528"], "threat_severity": "Low"}