Описание
matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble (called from ReadInt32Data and Mat_VarRead4).
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libmatio | fixed | 1.5.22-1 | package | |
| libmatio | no-dsa | bullseye | package | |
| libmatio | not-affected | buster | package | |
| libmatio | not-affected | stretch | package |
Примечания
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21421
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/matio/OSV-2020-799.yaml
NEWS for 1.5.22 mentions CVE-2020-36428 + CVE-2021-36977 together.
"CVE-2021-36977 was fixed en-passant when the libhdf5 dependency was updated from v1.12.0 to v.12.1"
https://github.com/google/oss-fuzz-vulns/pull/13
In other words, this seems to be a underlying HDF5 problem rather than a libmatio bug.
Связанные уязвимости
matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble (called from ReadInt32Data and Mat_VarRead4).
matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble (called from ReadInt32Data and Mat_VarRead4).
matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble (called from ReadInt32Data and Mat_VarRead4).
Уязвимость функции ReadInt32DataDouble библиотеки для чтения и записи файлов MATLAB MATIO, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
