CVE-2025-2337

NameCVE-2025-2337
DescriptionA vulnerability, which was classified as critical, has been found in tbeu matio 1.5.28. This issue affects the function Mat_VarPrint of the file src/mat.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs1100992

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libmatio (PTS)bullseye1.5.19-2vulnerable
bookworm1.5.23-2vulnerable
sid, trixie1.5.28-1vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libmatiosource(unstable)(unfixed)1100992

Notes

[bookworm] - libmatio <postponed> (Minor issue, revisit when fixed upstream)
[bullseye] - libmatio <postponed> (Minor issue, revisit when fixed upstream)
https://github.com/tbeu/matio/issues/267

Search for package or bug name: Reporting problems