CNNVD-202512-5077 Information
CNNVD ID
CNNVD-202512-5077
Related CVE
- CNNVD Published: 2025-12-30
Description (Chinese)
MATIO是tbeu个人开发者的一款用于读写二进制MATLAB MAT文件的开源C语言库。 MATIO 1.5.28版本存在安全漏洞,该漏洞源于Mat_VarCreateStruct函数中nfields值与字段数组中的实际字符串数量不匹配,可能导致越界读取和无效内存释放,进而引发分段错误或堆损坏。
Description (English)
MATIO is an open-source C-language library for reading and writing binary MATLAB MAT files for tbeu personal developers. MATIO 1.5.28 has a security loophole, which stems from the mismatch between the nfields values in the Mat VarCreateStruct function and the actual number of strings in the field arrays, which may result in cross-border reading and invalid memory release, leading to segment errors or stack damage.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-12-30
Last Modified
2026-02-24
References
https://github.com/tbeu/matio/issues/275 https://github.com/zakkanijia/POC/blob/main/matio/CVE-2025-50343/matio.md
Patch
https://github.com/tbeu/matio/releases
Share on: