Vulnerability Details CVE-2024-23310
A use-after-free vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.3%
CVSS Severity
CVSS v3 Score 9.8
References
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OIRLGNQM33KAWVWP5RPMAPHWNP3IY5YW/
- https://talosintelligence.com/vulnerability_reports/TALOS-2024-1923
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OIRLGNQM33KAWVWP5RPMAPHWNP3IY5YW/
- https://talosintelligence.com/vulnerability_reports/TALOS-2024-1923
Products affected by CVE-2024-23310
-
cpe:2.3:a:libbiosig_project:libbiosig:2.5.0
-
cpe:2.3:o:fedoraproject:fedora:40