The Biosig Project Libbiosig Stack-Based Buffer Overflow Vulnerability in MFER Parsing

A stack-based buffer overflow vulnerability has been identified in The Biosig Project libbiosig version 3.9.1, specifically within the MFER (Medical waveform Format Encoding Rules) parsing functionality. This vulnerability allows for arbitrary code execution by exploiting how the library processes certain MFER file tags. When a crafted MFER file is read, the library fails to properly validate the length of data before copying it into a fixed-size buffer, leading to a buffer overflow. An attacker can exploit this by providing a malicious MFER file that triggers the vulnerability.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the affected system.

Reproduction

The vulnerability can be reproduced by using a crafted MFER file that exploits the buffer overflow condition. The file must be designed to include a length value that exceeds the capacity of the stack-allocated buffers used in the MFER parsing code. Once the file is prepared, it can be processed by libbiosig, which will trigger the buffer overflow as the library attempts to read the excessive data into the insufficiently sized buffer.

Remediation

Users are advised to update to the patched version of libbiosig, which is available on the project's official website.