Lucene search

Veracode Vulnerability DatabaseVERACODE:44059

HistoryOct 30, 2023 - 9:57 a.m.

Denial Of Service (DoS)

2023-10-3009:57:07

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

denial of service

vulnerability

libmatio.so

readnextfunctionhandle

mat5.c

application crash

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.9%

JSON

libmatio.so is vulnerable to Denial Of Service (DoS). The vulnerability exists in ReadNextFunctionHandle function at mat5.c which allows an attacker to cause an application crash.

CPENameOperatorVersion
libmatio.sole11.0.3
libmatio.sole11.0.3

CPE	Name	Operator	Version
	libmatio.so	le	11.0.3
	libmatio.so	le	11.0.3

References

bugzilla.suse.com/show_bug.cgi?id=1199003

github.com/tbeu/matio/commit/b53b62b756920f4c1509f4ee06427f66c3b5c9c4

github.com/tbeu/matio/issues/186

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.9%

JSON

Related for VERACODE:44059