The Biosig Project libbiosig Integer Overflow Vulnerability in GDF Parsing Leading to Arbitrary Code Execution
Vulnerability
An integer overflow vulnerability has been identified in the GDF parsing functionality of The Biosig Project libbiosig, in version 3.9.0 and the Master Branch (35a819fa). When the library processes a specially crafted GDF file, the overflow can lead to a heap-based buffer overflow and potentially to arbitrary code execution. The issue is rooted in how the library handles event data in GDF files, particularly GDF version 1.25, which is still supported by libbiosig.
Impact
Exploitation of this vulnerability causes a heap-based buffer overflow, a common precursor to arbitrary code execution.
Reproduction
The vulnerability can be reproduced by using a malicious GDF file that exploits the integer overflow condition during the parsing of event data. This can be done by crafting a file that manipulates the 'EVENT.N' and 'sze' values to trigger the overflow when the 'rawEventData' buffer is allocated.
Remediation
Users are advised to update to the patched version of libbiosig, which is available on the project's official website.
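The class of check that closes this kind of bug, shown for the allocation described under Reproduction. This is an added example, not libbiosig's code or its patch. It assumes that 'EVENT.N' and 'sze' are 32-bit values whose product sizes 'rawEventData'; the function names and the bytes_left parameter are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Unchecked pattern: the product is computed in 32 bits and wraps modulo
 * 2^32, so the resulting allocation can be far smaller than the data the
 * parser later copies into it. */
uint32_t event_bytes_unchecked(uint32_t n_events, uint32_t sze)
{
    return n_events * sze;
}

/* Checked pattern: widen before multiplying, then require that the event
 * table fits in what is actually left of the file (bytes_left is assumed
 * to be tracked by the caller). Returns 0 and stores the size in *out,
 * or -1 if the header values must be rejected. */
int event_bytes_checked(uint32_t n_events, uint32_t sze,
                        uint64_t bytes_left, size_t *out)
{
    uint64_t need = (uint64_t)n_events * sze;  /* 32x32 bits cannot wrap in 64 */
    if (sze == 0 || need == 0 || need > bytes_left || need > SIZE_MAX)
        return -1;
    *out = (size_t)need;
    return 0;
}

/* Allocate the event buffer only after the size has been validated. */
void *alloc_raw_event_data(uint32_t n_events, uint32_t sze,
                           uint64_t bytes_left, size_t *len)
{
    if (event_bytes_checked(n_events, sze, bytes_left, len) != 0)
        return NULL;
    return malloc(*len);
}

int main(void)
{
    size_t len = 0;
    /* Constructed header values, not taken from any real file. */
    printf("unchecked: %u bytes\n", (unsigned)event_bytes_unchecked(0x20000001u, 8u));
    void *buf = alloc_raw_event_data(0x20000001u, 8u, 4096, &len);
    printf("checked:   %s\n", buf ? "allocated" : "rejected");
    free(buf);
    buf = alloc_raw_event_data(100u, 12u, 4096, &len);
    printf("valid:     %zu bytes %s\n", len, buf ? "allocated" : "rejected");
    free(buf);
    return 0;
}
```

Bounding the declared event table by the bytes remaining in the file rejects inconsistent headers even when the multiplication itself does not wrap.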
