Bug#924185: libmatio: CVE-2019-9026 CVE-2019-9027 CVE-2019-9028 CVE-2019-9029 CVE-2019-9030 CVE-2019-9031 CVE-2019-9032 CVE-2019-9033 CVE-2019-9034 CVE-2019-9035 CVE-2019-9036 CVE-2019-9037 CVE-2019-9038

Salvatore Bonaccorso carnil at debian.org
Sun Mar 10 08:15:13 GMT 2019


Source: libmatio
Version: 1.5.13-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/tbeu/matio/issues/103

Hi,

The following vulnerabilities were published for libmatio.

CVE-2019-9026[0]:
| An issue was discovered in libmatio.a in matio (aka MAT File I/O
| Library) 1.5.13. There is a heap-based buffer overflow in the function
| InflateVarName() in inflate.c when called from ReadNextCell in mat5.c.

CVE-2019-9027[1]:
| An issue was discovered in libmatio.a in matio (aka MAT File I/O
| Library) 1.5.13. There is a heap-based buffer overflow problem in the
| function ReadNextCell() in mat5.c.

CVE-2019-9028[2]:
| An issue was discovered in libmatio.a in matio (aka MAT File I/O
| Library) 1.5.13. There is a stack-based buffer over-read in the
| function InflateDimensions() in inflate.c when called from ReadNextCell
| in mat5.c.

CVE-2019-9029[3]:
| An issue was discovered in libmatio.a in matio (aka MAT File I/O
| Library) 1.5.13. There is an out-of-bounds read with a SEGV in the
| function Mat_VarReadNextInfo5() in mat5.c.

CVE-2019-9030[4]:
| An issue was discovered in libmatio.a in matio (aka MAT File I/O
| Library) 1.5.13. There is a stack-based buffer over-read in
| Mat_VarReadNextInfo5() in mat5.c.

CVE-2019-9031[5]:
| An issue was discovered in libmatio.a in matio (aka MAT File I/O
| Library) 1.5.13. There is a NULL pointer dereference in the function
| Mat_VarFree() in mat.c.

CVE-2019-9032[6]:
| An issue was discovered in libmatio.a in matio (aka MAT File I/O
| Library) 1.5.13. There is an out-of-bounds write problem causing a SEGV
| in the function Mat_VarFree() in mat.c.

CVE-2019-9033[7]:
| An issue was discovered in libmatio.a in matio (aka MAT File I/O
| Library) 1.5.13. There is a stack-based buffer over-read for the "Rank
| and Dimension" feature in the function ReadNextCell() in mat5.c.

CVE-2019-9034[8]:
| An issue was discovered in libmatio.a in matio (aka MAT File I/O
| Library) 1.5.13. There is a stack-based buffer over-read for a memcpy
| in the function ReadNextCell() in mat5.c.

CVE-2019-9035[9]:
| An issue was discovered in libmatio.a in matio (aka MAT File I/O
| Library) 1.5.13. There is a stack-based buffer over-read in the
| function ReadNextStructField() in mat5.c.

CVE-2019-9036[10]:
| An issue was discovered in libmatio.a in matio (aka MAT File I/O
| Library) 1.5.13. There is a heap-based buffer overflow in the function
| ReadNextFunctionHandle() in mat5.c.

CVE-2019-9037[11]:
| An issue was discovered in libmatio.a in matio (aka MAT File I/O
| Library) 1.5.13. There is a buffer over-read in the function
| Mat_VarPrint() in mat.c.

CVE-2019-9038[12]:
| An issue was discovered in libmatio.a in matio (aka MAT File I/O
| Library) 1.5.13. There is an out-of-bounds read problem with a SEGV in
| the function ReadNextCell() in mat5.c.

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-9026
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9026
[1] https://security-tracker.debian.org/tracker/CVE-2019-9027
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9027
[2] https://security-tracker.debian.org/tracker/CVE-2019-9028
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9028
[3] https://security-tracker.debian.org/tracker/CVE-2019-9029
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9029
[4] https://security-tracker.debian.org/tracker/CVE-2019-9030
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9030
[5] https://security-tracker.debian.org/tracker/CVE-2019-9031
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9031
[6] https://security-tracker.debian.org/tracker/CVE-2019-9032
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9032
[7] https://security-tracker.debian.org/tracker/CVE-2019-9033
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9033
[8] https://security-tracker.debian.org/tracker/CVE-2019-9034
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9034
[9] https://security-tracker.debian.org/tracker/CVE-2019-9035
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9035
[10] https://security-tracker.debian.org/tracker/CVE-2019-9036
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9036
[11] https://security-tracker.debian.org/tracker/CVE-2019-9037
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9037
[12] https://security-tracker.debian.org/tracker/CVE-2019-9038
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9038
[13] https://github.com/tbeu/matio/issues/103

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore


