CVE-2025-54492

Name of the Vulnerable Software and Affected Versions: libbiosig versions 3.9.0 libbiosig Master Branch (35a819fa)

Description: A stack-based buffer overflow vulnerability exists in the MFER parsing functionality. A specially crafted MFER file can lead to arbitrary code execution. The vulnerability manifests on line 9141 of biosig.c when the Tag is 67, where the address of the integer skew is overflowed instead of buf, potentially causing a stack overflow with smaller values of len.

Recommendations: libbiosig version 3.9.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability. libbiosig Master Branch (35a819fa): At the moment, there is no information about a newer version that contains a fix for this vulnerability.