Mageia 8 MGASA-2022-0465 Critical: Matio Heap Buffer Overflow

mageia

December 13, 2022

matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble (called from ReadInt32Data and Mat_VarRead4)

Summary

matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble (called from ReadInt32Data and Mat_VarRead4). (CVE-2020-36428)
matio (aka MAT File I/O Library) 1.5.20 and 1.5.21 has a heap-based buffer overflow in H5MM_memcpy (called from H5MM_malloc and H5C_load_entry), related to use of HDF5 1.12.0. (CVE-2021-36977)

References

- https://bugs.mageia.org/show_bug.cgi?id=31246

- https://www.cve.org/CVERecord?id=CVE-2020-36428

- https://www.cve.org/CVERecord?id=CVE-2021-36977

Topics Covered

security advisory buffer overflow Mageia heap-based attack matio

Resolution

SRPMS

- 8/core/matio-1.5.23-1.mga8

Severity

critical

Lowest

Low

Medium

High

Critical

Publication date: 13 Dec 2022

URL: https://advisories.mageia.org/MGASA-2022-0465.html

Type: security

CVE: CVE-2020-36428, CVE-2021-36977

Topics Covered

security advisory buffer overflow Mageia heap-based attack matio

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks