
Debian LTS libmatio Critical Buffer Overflow CVE-2025-2337 DLA-4644-1

June 24, 2026
Critical security alerts for libmatio in Debian LTS have been disclosed. Updates are recommended to secure systems.
Multiple vulnerabilities have been discovered in libmatio, a MAT File I/O Library.

Summary

CVE-2025-2337

A vulnerability, which was classified as critical, has been found in
the Mat_VarPrint function of libmatio. The manipulation leads to a heap-based
buffer overflow. The attack may be initiated remotely. The exploit has been
disclosed to the public and may be used.

CVE-2025-2338

A Denial of Service (DoS) and heap-based buffer overflow was found, which
could potentially lead to remote code execution if libmatio is embedded in
services that accept user-supplied .mat files.

CVE-2025-50343

A Denial of Service (DoS) and, in certain cases, heap corruption vulnerability
was found, which could lead to potential remote code execution if libmatio is
embedded in services that accept user-supplied .mat files.

For Debian 12 bookworm, these problems have been fixed in version
1.5.23-2+deb12u1.

For Debian 11 bullseye, see separate DLA-4459-1.

We recommend that you upgrade your libmatio packages.

For the detailed security status of libmatio please refer to
its security tracker page at:



Severity: critical

Package: libmatio
Version: 1.5.23-2+deb12u1
CVE ID: CVE-2025-2337 CVE-2025-2338 CVE-2025-50343
Debian Bug: 1100992 1104247 1124797
