Debian Libmatio vulnerabilities

CVE-2025-50343 [CRITICAL] CVE-2025-50343: libmatio - An issue was discovered in matio 1.5.28. A heap-based memory corruption can occu... An issue was discovered in matio 1.5.28. A heap-based memory corruption can occur in Mat_VarCreateStruct() when the nfields value does not match the actual number of strings in the fields array. This leads to out-of-bounds reads and invalid memory frees during cleanup, potentially causing a segmentation fault or heap corruption. Scope: local bookworm: open bull

CVE-2025-2337 [MEDIUM] CVE-2025-2337: libmatio - A vulnerability, which was classified as critical, has been found in tbeu matio ... A vulnerability, which was classified as critical, has been found in tbeu matio 1.5.28. This issue affects the function Mat_VarPrint of the file src/mat.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Scope: local bookworm: open bullseye: resolved forky: res

CVE-2025-2338 [MEDIUM] CVE-2025-2338: libmatio - A vulnerability, which was classified as critical, was found in tbeu matio 1.5.2... A vulnerability, which was classified as critical, was found in tbeu matio 1.5.28. Affected is the function strdup_vprintf of the file src/io.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Scope: local bookworm: open bullseye: resolved (fixed in 1.5

CVE-2022-1515 [MEDIUM] CVE-2022-1515: libmatio - A memory leak was discovered in matio 1.5.21 and earlier in Mat_VarReadNextInfo5... A memory leak was discovered in matio 1.5.21 and earlier in Mat_VarReadNextInfo5() in mat5.c via a crafted file. This issue can potentially result in DoS. Scope: local bookworm: resolved (fixed in 1.5.22-1) bullseye: resolved (fixed in 1.5.19-2+deb11u1) forky: resolved (fixed in 1.5.22-1) sid: resolved (fixed in 1.5.22-1) trixie: resolved (fixed in 1.5.22-1)

CVE-2021-36977 [MEDIUM] CVE-2021-36977: libmatio - matio (aka MAT File I/O Library) 1.5.20 and 1.5.21 has a heap-based buffer overf... matio (aka MAT File I/O Library) 1.5.20 and 1.5.21 has a heap-based buffer overflow in H5MM_memcpy (called from H5MM_malloc and H5C_load_entry), related to use of HDF5 1.12.0. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2020-19497 [HIGH] CVE-2020-19497: libmatio - Integer overflow vulnerability in Mat_VarReadNextInfo5 in mat5.c in tbeu matio (... Integer overflow vulnerability in Mat_VarReadNextInfo5 in mat5.c in tbeu matio (aka MAT File I/O Library) 1.5.17, allows attackers to cause a Denial of Service or possibly other unspecified impacts. Scope: local bookworm: resolved (fixed in 1.5.19-2) bullseye: resolved (fixed in 1.5.19-2) forky: resolved (fixed in 1.5.19-2) sid: resolved (fixed in 1.5.19-2) trixie:

CVE-2020-36428 [HIGH] CVE-2020-36428: libmatio - matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-based buffer o... matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble (called from ReadInt32Data and Mat_VarRead4). Scope: local bookworm: resolved (fixed in 1.5.22-1) bullseye: open forky: resolved (fixed in 1.5.22-1) sid: resolved (fixed in 1.5.22-1) trixie: resolved (fixed in 1.5.22-1)

CVE-2019-13107 [CRITICAL] CVE-2019-13107: libmatio - Multiple integer overflows exist in MATIO before 1.5.16, related to mat.c, mat4.... Multiple integer overflows exist in MATIO before 1.5.16, related to mat.c, mat4.c, mat5.c, mat73.c, and matvar_struct.c Scope: local bookworm: resolved (fixed in 1.5.17-3) bullseye: resolved (fixed in 1.5.17-3) forky: resolved (fixed in 1.5.17-3) sid: resolved (fixed in 1.5.17-3) trixie: resolved (fixed in 1.5.17-3)

CVE-2019-17533 [HIGH] CVE-2019-17533: libmatio - Mat_VarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits a certain '\0' character, l... Mat_VarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits a certain '\0' character, leading to a heap-based buffer over-read in strdup_vprintf when uninitialized memory is accessed. Scope: local bookworm: resolved (fixed in 1.5.17-4) bullseye: resolved (fixed in 1.5.17-4) forky: resolved (fixed in 1.5.17-4) sid: resolved (fixed in 1.5.17-4) trixie: resolved (fixed in 1.

CVE-2019-20017 [MEDIUM] CVE-2019-20017: libmatio - A stack-based buffer over-read was discovered in Mat_VarReadNextInfo5 in mat5.c ... A stack-based buffer over-read was discovered in Mat_VarReadNextInfo5 in mat5.c in matio 1.5.17. Scope: local bookworm: resolved (fixed in 1.5.19-2) bullseye: resolved (fixed in 1.5.19-2) forky: resolved (fixed in 1.5.19-2) sid: resolved (fixed in 1.5.19-2) trixie: resolved (fixed in 1.5.19-2)

CVE-2019-20020 [MEDIUM] CVE-2019-20020: libmatio - A stack-based buffer over-read was discovered in ReadNextStructField in mat5.c i... A stack-based buffer over-read was discovered in ReadNextStructField in mat5.c in matio 1.5.17. Scope: local bookworm: resolved (fixed in 1.5.19-2) bullseye: resolved (fixed in 1.5.19-2) forky: resolved (fixed in 1.5.19-2) sid: resolved (fixed in 1.5.19-2) trixie: resolved (fixed in 1.5.19-2)

CVE-2019-20018 [MEDIUM] CVE-2019-20018: libmatio - A stack-based buffer over-read was discovered in ReadNextCell in mat5.c in matio... A stack-based buffer over-read was discovered in ReadNextCell in mat5.c in matio 1.5.17. Scope: local bookworm: resolved (fixed in 1.5.19-2) bullseye: resolved (fixed in 1.5.19-2) forky: resolved (fixed in 1.5.19-2) sid: resolved (fixed in 1.5.19-2) trixie: resolved (fixed in 1.5.19-2)

CVE-2019-9033 [CRITICAL] CVE-2019-9033: libmatio - An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13... An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read for the "Rank and Dimension" feature in the function ReadNextCell() in mat5.c. Scope: local bookworm: resolved (fixed in 1.5.13-2) bullseye: resolved (fixed in 1.5.13-2) forky: resolved (fixed in 1.5.13-2) sid: resolved (fixed in 1.5.13-2) tri

CVE-2019-20052 [MEDIUM] CVE-2019-20052: libmatio - A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 because S... A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 because SafeMulDims does not consider the rank==0 case. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2019-9032 [HIGH] CVE-2019-9032: libmatio - An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13... An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is an out-of-bounds write problem causing a SEGV in the function Mat_VarFree() in mat.c. Scope: local bookworm: resolved (fixed in 1.5.13-2) bullseye: resolved (fixed in 1.5.13-2) forky: resolved (fixed in 1.5.13-2) sid: resolved (fixed in 1.5.13-2) trixie: resolved (fixed in 1.5.

CVE-2019-9027 [HIGH] CVE-2019-9027: libmatio - An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13... An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a heap-based buffer overflow problem in the function ReadNextCell() in mat5.c. Scope: local bookworm: resolved (fixed in 1.5.13-2) bullseye: resolved (fixed in 1.5.13-2) forky: resolved (fixed in 1.5.13-2) sid: resolved (fixed in 1.5.13-2) trixie: resolved (fixed in 1.5.13-2)

CVE-2019-9036 [HIGH] CVE-2019-9036: libmatio - An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13... An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a heap-based buffer overflow in the function ReadNextFunctionHandle() in mat5.c. Scope: local bookworm: resolved (fixed in 1.5.13-2) bullseye: resolved (fixed in 1.5.13-2) forky: resolved (fixed in 1.5.13-2) sid: resolved (fixed in 1.5.13-2) trixie: resolved (fixed in 1.5.13-2)

CVE-2019-9029 [HIGH] CVE-2019-9029: libmatio - An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13... An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is an out-of-bounds read with a SEGV in the function Mat_VarReadNextInfo5() in mat5.c. Scope: local bookworm: resolved (fixed in 1.5.13-2) bullseye: resolved (fixed in 1.5.13-2) forky: resolved (fixed in 1.5.13-2) sid: resolved (fixed in 1.5.13-2) trixie: resolved (fixed in 1.5.13

CVE-2019-9034 [CRITICAL] CVE-2019-9034: libmatio - An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13... An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read for a memcpy in the function ReadNextCell() in mat5.c. Scope: local bookworm: resolved (fixed in 1.5.13-2) bullseye: resolved (fixed in 1.5.13-2) forky: resolved (fixed in 1.5.13-2) sid: resolved (fixed in 1.5.13-2) trixie: resolved (fixed in

CVE-2019-9038 [HIGH] CVE-2019-9038: libmatio - An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13... An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is an out-of-bounds read problem with a SEGV in the function ReadNextCell() in mat5.c. Scope: local bookworm: resolved (fixed in 1.5.13-2) bullseye: resolved (fixed in 1.5.13-2) forky: resolved (fixed in 1.5.13-2) sid: resolved (fixed in 1.5.13-2) trixie: resolved (fixed in 1.5.13