The Biosig Project Libbiosig ABF Parsing Integer Overflow Vulnerability Leading to Arbitrary Code Execution
Vulnerability
An integer overflow vulnerability has been identified in the ABF parsing functionality of The Biosig Project libbiosig, specifically in version 3.9.0 and the master branch (35a819fa). It arises because the library does not properly validate the data in ABF files, which can be manipulated to cause an overflow. When an ABF file is read, the library calculates the number of events from two header values. These values can be crafted so that the result exceeds the buffer's capacity, leading to a heap-based buffer overflow that can be exploited to execute arbitrary code.
Impact
Exploitation of this vulnerability causes a heap-based buffer overflow, which can lead to arbitrary code execution.
Reproduction
The vulnerability can be reproduced by using a specially crafted ABF file that exploits the integer overflow in the header parsing. This file should be designed to manipulate the 'lActualEpisodes' and 'lNumTagEntries' values to create an overflow condition when the library calculates the total number of events. Once the overflow occurs, the library will write beyond the allocated buffer, creating a heap-based buffer overflow condition.
Remediation
Users are advised to update to the patched version of libbiosig, which is available on the project's official website.
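For code that parses such headers, the validation described above can be sketched as follows. This is an added example, not code from libbiosig or from this advisory. It assumes the two header fields are signed 32-bit values that are summed to size an event table; `event_t`, `max_events` and the function names are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical event record, 8 bytes; not libbiosig's own structure. */
typedef struct { uint32_t pos; uint32_t typ; } event_t;

/* Unchecked pattern: the sum and the byte count are kept in 32 bits, so a
 * large header pair yields a byte count far smaller than the data to store. */
uint32_t unchecked_bytes32(int32_t lActualEpisodes, int32_t lNumTagEntries)
{
    uint32_t n = (uint32_t)lActualEpisodes + (uint32_t)lNumTagEntries;
    return n * (uint32_t)sizeof(event_t);   /* wraps modulo 2^32 */
}

/* Checked pattern: returns 0 and stores the event count, or -1 when the
 * header values are negative, exceed max_events, or overflow the byte count.
 * max_events is a caller-chosen ceiling (for example, derived from the file
 * size); it is an assumption of this example. */
int checked_event_count(int32_t lActualEpisodes, int32_t lNumTagEntries,
                        size_t max_events, size_t *out_count)
{
    if (lActualEpisodes < 0 || lNumTagEntries < 0)
        return -1;
    /* Two non-negative 32-bit values cannot overflow a 64-bit sum. */
    uint64_t n = (uint64_t)lActualEpisodes + (uint64_t)lNumTagEntries;
    if (n > max_events || n > SIZE_MAX / sizeof(event_t))
        return -1;
    *out_count = (size_t)n;
    return 0;
}

/* Allocate the event table only after the count has been validated. */
event_t *alloc_events(int32_t lActualEpisodes, int32_t lNumTagEntries,
                      size_t max_events, size_t *out_count)
{
    size_t n;
    if (checked_event_count(lActualEpisodes, lNumTagEntries, max_events, &n) != 0)
        return NULL;
    event_t *ev = calloc(n ? n : 1, sizeof *ev);  /* zero-initialised table */
    if (ev != NULL)
        *out_count = n;
    return ev;
}
```

A parser using this pattern rejects the file when `alloc_events` returns NULL instead of proceeding to fill the table.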
