The Biosig Project Libbiosig Stack-Based Buffer Overflow Vulnerability in MFER Parsing

A stack-based buffer overflow vulnerability has been identified in The Biosig Project's libbiosig version 3.9.0 and the Master Branch (35a819fa). This vulnerability arises in the MFER (Medical waveform Format Encoding Rules) parsing functionality, where a specially crafted MFER file can be used to execute arbitrary code. The issue occurs because the library improperly validates the length of data being read from the file, allowing an attacker to overwrite stack memory and potentially gain control of the execution flow.

Impact

Exploitation of this vulnerability leads to a stack-based buffer overflow, allowing for arbitrary code execution.

Reproduction

The vulnerability can be reproduced by using a maliciously crafted MFER file that exploits the unvalidated length handling in the libbiosig library. When the file is processed, the library will read data into a stack buffer without proper length checks, causing an overflow. This can be automated with a proof-of-concept that generates an MFER file with specific length values designed to trigger the vulnerability.

Remediation

Users are advised to update to the patched version of libbiosig released on August 24, 2025.