
Debian 11 libmatio Critical DoS Heap Corruption Advisory DLA-4459-1

debian lts
January 29, 2026
Critical security alert for libmatio in Debian LTS. Upgrade to address the DoS and heap corruption issues.

Summary

Multiple vulnerabilities have been discovered in libmatio, a MAT File I/O
Library.

CVE-2025-50343
A Denial of Service (DoS) and, in certain cases, heap corruption vulnerability
was found, which could potentially lead to remote code execution if libmatio is
embedded in services that accept user-supplied .mat files.

CVE-2025-2338
A Denial of Service (DoS) and heap-based buffer overflow was found, which
could potentially lead to remote code execution if libmatio is embedded in
services that accept user-supplied .mat files.

CVE-2022-1515
A memory leak was discovered in matio 1.5.21 and earlier. This could lead
to a potential Denial of Service (DoS).

CVE-2020-36428
A heap-based buffer overflow was found, which could potentially lead to remote
code execution if libmatio is embedded in services that accept user-supplied
.mat files.

Additionally, CVE-2025-2337 and CVE-2020-36428 were investigated and deemed
not to apply (directly) to this libmatio version.


Severity: critical

Package: libmatio
Version: 1.5.19-2+deb11u1
CVE ID: CVE-2022-1515 CVE-2025-2338 CVE-2025-50343
Debian Bug: 1104247 1124797
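
To audit package inventories against the Version field above, this added example (not part of the advisory or of Debian's tooling) flags binary packages built from the libmatio source that sort below 1.5.19-2+deb11u1. It goes slightly beyond this one package by implementing the general Debian version ordering (epoch, `~`, revision suffixes), so it also works where `dpkg --compare-versions` is not available. The function names, the sample package names and the `dpkg-query` format string are choices made for this example.

```python
import re
from itertools import zip_longest

SOURCE = "libmatio"          # "Package" field of the advisory
FIXED = "1.5.19-2+deb11u1"   # "Version" field of the advisory

def _order(ch):
    """dpkg weight of a non-digit char: '~' < end of run ("") < letters < rest."""
    if ch in ("", "~"):
        return -1 if ch else 0
    return ord(ch) if ch.isalpha() else ord(ch) + 256

def _cmp_part(a, b):
    """Compare two upstream or revision strings the way dpkg does."""
    runs = lambda s: re.findall(r"([^0-9]*)([0-9]*)", s)
    for (ta, da), (tb, db) in zip_longest(runs(a), runs(b), fillvalue=("", "")):
        for ca, cb in zip_longest(ta, tb, fillvalue=""):
            if _order(ca) != _order(cb):
                return -1 if _order(ca) < _order(cb) else 1
        na, nb = int(da or 0), int(db or 0)   # digit runs compare numerically
        if na != nb:
            return -1 if na < nb else 1
    return 0

def deb_cmp(a, b):
    """Return <0, 0 or >0 as Debian version a sorts before, equal to or after b."""
    def split(v):
        epoch, sep, rest = v.partition(":")
        if not sep:
            epoch, rest = "0", v
        upstream, sep, rev = rest.rpartition("-")
        if not sep:
            upstream, rev = rest, ""
        return int(epoch), upstream, rev
    (ea, ua, ra), (eb, ub, rb) = split(a), split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_part(ua, ub) or _cmp_part(ra, rb)

def unpatched(dpkg_lines):
    """(binary package, version) pairs built from SOURCE that sort below FIXED."""
    rows = (line.split() for line in dpkg_lines.splitlines())
    return [(r[1], r[2]) for r in rows
            if len(r) == 3 and r[0] == SOURCE and deb_cmp(r[2], FIXED) < 0]

# Constructed sample of the output of:
#   dpkg-query -W -f='${source:Package} ${Package} ${source:Version}\n'
SAMPLE = """libmatio libmatio-example-lib 1.5.19-2
libmatio libmatio-example-dev 1.5.19-2+deb11u1
zlib zlib-example 1:1.2.11-1
"""
```

`unpatched(SAMPLE)` returns only the first row; feed it real `dpkg-query` output collected from each host to get the list of packages still to upgrade.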
