Описание
An issue was discovered in matio 1.5.28. A heap-based memory corruption can occur in Mat_VarCreateStruct() when the nfields value does not match the actual number of strings in the fields array. This leads to out-of-bounds reads and invalid memory frees during cleanup, potentially causing a segmentation fault or heap corruption.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | deferred | 2026-01-05 |
| esm-apps/bionic | deferred | 2026-01-05 |
| esm-apps/focal | deferred | 2026-01-05 |
| esm-apps/jammy | deferred | 2026-01-05 |
| esm-apps/noble | deferred | 2026-01-05 |
| esm-apps/xenial | deferred | 2026-01-05 |
| esm-infra-legacy/trusty | deferred | 2026-01-05 |
| jammy | deferred | 2026-01-05 |
| noble | deferred | 2026-01-05 |
| plucky | ignored | end of life, was deferred [2026-01-05] |
Показывать по
EPSS
9.8 Critical
CVSS3
Связанные уязвимости
An issue was discovered in matio 1.5.28. A heap-based memory corruption can occur in Mat_VarCreateStruct() when the nfields value does not match the actual number of strings in the fields array. This leads to out-of-bounds reads and invalid memory frees during cleanup, potentially causing a segmentation fault or heap corruption.
An issue was discovered in matio 1.5.28. A heap-based memory corruptio ...
An issue was discovered in matio 1.5.28. A heap-based memory corruption can occur in Mat_VarCreateStruct() when the nfields value does not match the actual number of strings in the fields array. This leads to out-of-bounds reads and invalid memory frees during cleanup, potentially causing a segmentation fault or heap corruption.
EPSS
9.8 Critical
CVSS3