PT-2024-19802 · Biosig+1 · Libbiosig+1

Lilith >_>

Published: 2024-02-09 · Updated: 2025-12-16

CVE-2024-23313

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

The Biosig Project libbiosig version 2.5.0
The Biosig Project libbiosig Master Branch (ab0ee111)

Description

An integer underflow vulnerability exists in the sopen FAMOS read functionality. A specially crafted .famos file can lead to an out-of-bounds write, which in turn can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

Recommendations

For The Biosig Project libbiosig version 2.5.0, consider disabling the sopen FAMOS read functionality until a patch is available.
For The Biosig Project libbiosig Master Branch (ab0ee111), consider disabling the sopen FAMOS read functionality until a patch is available.
Avoid processing specially crafted .famos files with the affected functionality to minimize the risk of exploitation.

Exploit

Fix

Integer Underflow

Weakness Enumeration

Related Identifiers

CVE-2024-23313

Affected Products

Debian, Libbiosig