PT-2024-2159 · Libbiosig+1

Lilith >_> · Published 2024-02-20 · Updated 2025-01-22 · CVE-2024-23809

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

libbiosig versions 2.5.0 and Master Branch (ab0ee111)

Description

A double-free vulnerability exists in the BrainVision ASCII Header Parsing functionality of libbiosig. This issue is related to an error in memory deallocation. Exploitation of this vulnerability can allow a remote attacker to execute arbitrary code using a specially crafted .vdhr file.

Recommendations

For libbiosig version 2.5.0, consider disabling the BrainVision ASCII Header Parsing functionality until a patch is available. For libbiosig Master Branch (ab0ee111), restrict access to the .vdhr file parsing functionality to minimize the risk of exploitation. Avoid using specially crafted .vdhr files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Double Free

Weakness Enumeration

Related Identifiers

BDU:2024-02071
CVE-2024-23809

Affected Products

Debian
Libbiosig