CVE-2024-23305

Name of the Vulnerable Software and Affected Versions libbiosig versions 2.5.0 through Master Branch (ab0ee111)

Description An out-of-bounds write vulnerability exists in the BrainVisionMarker Parsing functionality. A specially crafted .vmrk file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

Recommendations For libbiosig version 2.5.0, consider disabling the BrainVisionMarker Parsing functionality until a patch is available. For Master Branch (ab0ee111), restrict the use of the BrainVisionMarker Parsing functionality to minimize the risk of exploitation. Avoid using malicious .vmrk files in the affected functionality until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.