Show vulnerabilities with patch / with exploit

Multiple vulnerabilities in MATIO



Published: 2019-10-13 | Updated: 2019-12-28
Severity Low
Patch available NO
Number of vulnerabilities 6
CVE ID CVE-2019-17533
CVE-2019-20052
CVE-2019-20020
CVE-2019-20019
CVE-2019-20018
CVE-2019-20017
CWE ID CWE-125
CWE-401
CWE-400
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
matio
Universal components / Libraries / Software for developers

Vendor tbeu

Security Advisory

UPDATED: 28.12.2019

Changed bulletin title, added vulnerability #2-6.

1) Out-of-bounds read

Severity: Low

CVSSv3: 5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:U/RL:U/RC:C] [PCI]

CVE-ID: CVE-2019-17533

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information or perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the Mat_VarReadNextInfo4() function in mat4.c in matio when processing a certain '' character. A remote attacker can pass specially crafted data to the application, trigger out-of-bounds read error and read contents of memory on the system or crash the application.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

matio: 1.5.17

CPE External links

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16856
https://github.com/tbeu/matio/commit/651a8e28099edb5fbb9e4e1d4d3238848f446c9a

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Memory leak

Severity: Low

CVSSv3: 4.9 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:U/RC:C] [PCI]

CVE-ID: CVE-2019-20052

CWE-ID: CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform DoS attack on the target system.

The vulnerability exists due memory leak in Mat_VarCalloc() function in mat.c, because SafeMulDims does not consider the rank==0 case. A remote attacker can perform denial of service attack.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

matio: 1.5.17

CPE External links

https://github.com/tbeu/matio/issues/131

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

Severity: Low

CVSSv3: 4.9 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C] [PCI]

CVE-ID: CVE-2019-20020

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in ReadNextStructField() function in mat5.c. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

matio: 1.5.17

CPE External links

https://github.com/tbeu/matio/issues/128

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Resource exhaustion

Severity: Low

CVSSv3: 4.9 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:U/RC:C] [PCI]

CVE-ID: CVE-2019-20019

CWE-ID: CWE-400 - Uncontrolled Resource Consumption ('Resource Exhaustion')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to attempted excessive memory allocation within Mat_VarRead5() function in mat5.c. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

matio: 1.5.17

CPE External links

https://github.com/tbeu/matio/issues/130

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds read

Severity: Low

CVSSv3: 4.9 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C] [PCI]

CVE-ID: CVE-2019-20018

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the ReadNextCell() function in mat5.c. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

matio: 1.5.17

CPE External links

https://github.com/tbeu/matio/issues/129

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Out-of-bounds read

Severity: Low

CVSSv3: 4.9 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C] [PCI]

CVE-ID: CVE-2019-20017

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a stack-based buffer over-read within the Mat_VarReadNextInfo5() in mat5.c. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

matio: 1.5.17

CPE External links

https://github.com/tbeu/matio/issues/127

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.