The Biosig Project Libbiosig Stack-Based Buffer Overflow Vulnerability in MFER Parsing
Vulnerability
A stack-based buffer overflow vulnerability has been identified in The Biosig Project libbiosig version 3.9.1, specifically within the MFER (Medical waveform Format Encoding Rules) parsing functionality. This vulnerability allows for arbitrary code execution when a specially crafted MFER file is processed. The issue arises because the library fails to properly validate the length of data being read into fixed-size buffers, enabling attackers to overwrite adjacent memory on the stack.
Impact
Exploitation of this vulnerability leads to a stack-based buffer overflow, allowing for arbitrary code execution.
Reproduction
The vulnerability can be reproduced by using libbiosig to open a maliciously crafted MFER file that exploits the buffer overflow condition. The MFER file must be designed to include a length value that exceeds the capacity of the stack-allocated buffers used in the parsing process, such as Tag 3, which is limited to 16 bytes but can be manipulated to 68 bytes, causing the overflow.
Remediation
Users are advised to update to the patched version of libbiosig, which is available on the project's official website.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.