A heap-based buffer overflow vulnerability exists in the .egi parsing functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .egi file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "2.6.0-1ubuntu1", "binary_name": "biosig-tools" }, { "binary_version": "2.6.0-1ubuntu1", "binary_name": "biosig-tools-dbgsym" }, { "binary_version": "2.6.0-1ubuntu1", "binary_name": "libbiosig-dev" }, { "binary_version": "2.6.0-1ubuntu1", "binary_name": "libbiosig3" }, { "binary_version": "2.6.0-1ubuntu1", "binary_name": "libbiosig3-dbgsym" }, { "binary_version": "2.6.0-1ubuntu1", "binary_name": "octave-biosig" }, { "binary_version": "2.6.0-1ubuntu1", "binary_name": "octave-biosig-dbgsym" }, { "binary_version": "2.6.0-1ubuntu1", "binary_name": "python3-biosig" }, { "binary_version": "2.6.0-1ubuntu1", "binary_name": "python3-biosig-dbgsym" } ] }