CRITICAL🇵🇱 Wersja polska

CVE-2024-23313

CVSS 9.8v3.1pub. 2024-02-20upd. 2025-11-04

An integer underflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to an out-of-bounds write which in turn can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

🤖 AI Analysis
How it works

The vulnerability (CWE-191) consists of integer underflow during .famos format file processing by the sopen_FAMOS_read function. Incorrect integer value calculation leads to out-of-bounds write beyond the allocated buffer boundaries. An attacker can provide a specially crafted .famos file which, when processed by the library, triggers this error and enables arbitrary code execution.

Impact

Successful exploitation of the vulnerability allows an attacker to execute arbitrary code (RCE) in the context of the process handling the file, which may lead to complete system takeover, violation of data confidentiality and integrity, and loss of service availability.

Mitigation & patch

Apply patches available from the vendor according to references (Talos Intelligence report TALOS-2024-1922 and Fedora announcement). It is recommended to update the libbiosig package to a version containing the fix and to avoid processing .famos files from untrusted sources until the patch is deployed.

Who is affected

The Biosig Project libbiosig 2.5.0 and main branch (commit ab0ee111); libbiosig packages in Fedora distribution.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Fedora Project Fedora

    OS
    Fedoraproject
    40
  • Libbiosig Project Libbiosig

    APP
    Libbiosig Project
    2.5.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2024-4577CRITICAL9.8⚠ KEVPL ✓ten sam produkt

PHP CGI argument injection – RCE na Windows przez mechanizm Best-Fit

CVE-2024-5274CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Type Confusion w V8 (Google Chrome) — RCE przez spreparowaną stronę HTML

CVE-2024-4947CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Type Confusion w silniku V8 Chrome — zdalne wykonanie kodu (RCE)

CVE-2024-4671CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Use-after-free w Google Chrome Visuals umożliwiający ucieczkę z sandbox

CVE-2023-6345CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Integer overflow w Skia w Google Chrome — sandbox escape