SB2019101301 - Multiple vulnerabilities in MATIO
Published: October 13, 2019 Updated: December 28, 2019
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 6 secuirty vulnerabilities.
1) Out-of-bounds read (CVE-ID: CVE-2019-17533)
The vulnerability allows a remote attacker to gain access to potentially sensitive information or perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition within the Mat_VarReadNextInfo4() function in mat4.c in matio when processing a certain '' character. A remote attacker can pass specially crafted data to the application, trigger out-of-bounds read error and read contents of memory on the system or crash the application.
2) Memory leak (CVE-ID: CVE-2019-20052)
The vulnerability allows a remote attacker to perform DoS attack on the target system.
The vulnerability exists due memory leak in Mat_VarCalloc() function in mat.c, because SafeMulDims does not consider the rank==0 case. A remote attacker can perform denial of service attack.
3) Out-of-bounds read (CVE-ID: CVE-2019-20020)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in ReadNextStructField() function in mat5.c. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.
4) Resource exhaustion (CVE-ID: CVE-2019-20019)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to attempted excessive memory allocation within Mat_VarRead5() function in mat5.c. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
5) Out-of-bounds read (CVE-ID: CVE-2019-20018)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the ReadNextCell() function in mat5.c. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.
6) Out-of-bounds read (CVE-ID: CVE-2019-20017)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a stack-based buffer over-read within the Mat_VarReadNextInfo5() in mat5.c. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.
References
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16856
- https://github.com/tbeu/matio/commit/651a8e28099edb5fbb9e4e1d4d3238848f446c9a
- https://github.com/tbeu/matio/issues/131
- https://github.com/tbeu/matio/issues/128
- https://github.com/tbeu/matio/issues/130
- https://github.com/tbeu/matio/issues/129
- https://github.com/tbeu/matio/issues/127