PT-2024-19960 · Libbiosig+1

Lilith >_> · Published 2024-02-20 · Updated 2025-01-22 · CVE-2024-23606

CVSS v3.1

9.8 Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

libbiosig version 2.5.0
libbiosig Master Branch (ab0ee111)

Description

An out-of-bounds write issue exists in the sopen FAMOS read functionality. A specially crafted .famos file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this issue.

Recommendations

For libbiosig version 2.5.0, consider disabling the sopen FAMOS read functionality until a patch is available. For libbiosig Master Branch (ab0ee111), restrict the use of the sopen FAMOS read functionality to minimize the risk of exploitation. Avoid using malicious .famos files in the affected functionality until the issue is resolved.

Exploit

Fix

Memory Corruption

Weakness Enumeration

Related Identifiers

CVE-2024-23606

Affected Products

Debian
Libbiosig