CVE-2024-22097

Name of the Vulnerable Software and Affected Versions The Biosig Project libbiosig versions 2.5.0 and Master Branch (ab0ee111)

Description A double-free vulnerability exists in the BrainVision Header Parsing functionality. This can be triggered by a specially crafted .vdhr file, potentially leading to arbitrary code execution. An attacker can exploit this by providing a malicious file.

Recommendations For version 2.5.0, consider disabling the BrainVision Header Parsing functionality until a patch is available. For Master Branch (ab0ee111), restrict the use of the BrainVision Header Parsing functionality to minimize the risk of exploitation. Avoid using malicious .vdhr files with the affected software until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.