The Biosig Project Libbiosig Stack-Based Buffer Overflow Vulnerability in MFER Parsing

A stack-based buffer overflow vulnerability has been identified in The Biosig Project libbiosig version 3.9.1, specifically within the MFER (Medical waveform Format Encoding Rules) parsing functionality. This vulnerability allows for arbitrary code execution by exploiting the way the library processes specially crafted MFER files. The issue arises when the file is read and the length of the data exceeds the buffer size, leading to a buffer overflow on the stack.

Impact

Exploitation of this vulnerability causes a stack-based buffer overflow, which can be leveraged for arbitrary code execution.

Reproduction

The vulnerability can be reproduced by using a maliciously crafted MFER file that exploits the buffer overflow condition. The file must be designed to include a length value that exceeds the expected size for certain tags, such as Tag 3, 64, 65, 67, 131, or 133. When this file is processed by libbiosig, the library will read the excessive length into a stack-allocated buffer without proper validation, causing the overflow.

Remediation

Users are advised to update to the patched version of libbiosig, which is available on the project's official website.