CRITICAL🇵🇱 Wersja polska

CVE-2024-23310

CVSS 9.8v3.1pub. 2024-02-20upd. 2025-11-04

A use-after-free vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

🤖 AI Analysis
How it works

The vulnerability concerns improper memory management (CWE-416, CWE-825) during reading a file in FAMOS format by the sopen_FAMOS_read function. A pointer to a freed memory area is reused, allowing an attacker to control the program execution flow. To trigger the vulnerability, it is sufficient to provide the victim or application a specially crafted .famos file.

Impact

An attacker can lead to arbitrary code execution (RCE) in the context of an application using the libbiosig library, which may result in complete takeover control of the attacked system.

Mitigation & patch

Patches available from the vendor should be applied in accordance with the references. Users of Fedora distribution should update the libbiosig package according to information published on the package-announce list. It is also recommended to restrict processing of .famos files from untrusted sources.

Who is affected

The Biosig Project libbiosig version 2.5.0 and Master branch (commit ab0ee111), as well as libbiosig packages available in Fedora Project Fedora.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Fedora Project Fedora

    OS
    Fedoraproject
    40
  • Libbiosig Project Libbiosig

    APP
    Libbiosig Project
    2.5.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2024-4577CRITICAL9.8⚠ KEVPL ✓ten sam produkt

PHP CGI argument injection – RCE na Windows przez mechanizm Best-Fit

CVE-2024-5274CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Type Confusion w V8 (Google Chrome) — RCE przez spreparowaną stronę HTML

CVE-2024-4947CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Type Confusion w silniku V8 Chrome — zdalne wykonanie kodu (RCE)

CVE-2024-4671CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Use-after-free w Google Chrome Visuals umożliwiający ucieczkę z sandbox

CVE-2023-6345CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Integer overflow w Skia w Google Chrome — sandbox escape