CVE-2020-19497

Published: Jul 21, 2021Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

Integer overflow vulnerability in Mat_VarReadNextInfo5 in mat5.c in tbeu matio (aka MAT File I/O Library) 1.5.17, allows attackers to cause a Denial of Service or possibly other unspecified impacts.

Affected (1)

Products: Matio Project: Matio

Matio Project

1 product

Matio

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Matio Project Matio	Version 1.5.17

Related CWEs

CWE-190

Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

References (4)

https://github.com/tbeu/matio/commit/5fa49ef9fc4368fe3d19b5fdaa36d8fa5e7f4606

Source: cve@mitre.org

PatchThird Party Advisory

https://github.com/tbeu/matio/issues/121

Source: cve@mitre.org

ExploitPatchThird Party Advisory

https://github.com/tbeu/matio/commit/5fa49ef9fc4368fe3d19b5fdaa36d8fa5e7f4606

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://github.com/tbeu/matio/issues/121

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchThird Party Advisory

Timeline

No history available yet.