CVE-2019-17533 – CVE-2019-17533 is a heap-based buffer over-read... (How to Fix)

Q: What is the severity of CVE-2019-17533?

CVE-2019-17533 has a CVSS score of 8.2 (HIGH). CVE-2019-17533 is a heap-based buffer over-read vulnerability in MATIO library versions before 1.5.18. It allows attackers to read uninitialized memory contents, potentially leading to information disclosure or application crashes. This affects any software using the vulnerable MATIO library for MATLAB file parsing.

📋 TL;DR

CVE-2019-17533 is a heap-based buffer over-read vulnerability in MATIO library versions before 1.5.18. It allows attackers to read uninitialized memory contents, potentially leading to information disclosure or application crashes. This affects any software using the vulnerable MATIO library for MATLAB file parsing.

💻 Affected Systems

Products:

MATIO library
Software using MATIO library for MATLAB file support

Versions: MATIO versions before 1.5.18

Operating Systems: All platforms where MATIO is used

Default Config Vulnerable: ⚠️ Yes

Notes: Any application that uses MATIO to parse MAT files is vulnerable when processing untrusted input.

📦 What is this software?

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Matio by Matio Project

View all CVEs affecting Matio →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Information disclosure of sensitive memory contents, potential remote code execution through memory corruption chaining, or denial of service through application crashes.

🟠

Likely Case

Application crashes or denial of service when processing malicious MAT files, with possible information leakage of adjacent memory contents.

🟢

If Mitigated

Minimal impact with proper input validation and memory protections; crashes contained within affected process.

🌐 Internet-Facing: MEDIUM - Only affects systems accepting MAT file uploads or processing untrusted MAT files from external sources.

🏢 Internal Only: LOW - Requires processing of malicious MAT files, which is unlikely in controlled internal environments.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires crafting a malicious MAT file; public proof-of-concept exists in OSS-Fuzz reports.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: MATIO 1.5.18 and later

Vendor Advisory: https://github.com/tbeu/matio/commit/651a8e28099edb5fbb9e4e1d4d3238848f446c9a

Restart Required: Yes

Instructions:

1. Update MATIO to version 1.5.18 or later. 2. Rebuild any applications using MATIO. 3. Restart affected services.

🔧 Temporary Workarounds

Input validation

all

Implement strict validation of MAT files before processing

Memory protection

linux

Enable ASLR and other memory protection mechanisms

sysctl -w kernel.randomize_va_space=2

🧯 If You Can't Patch

Implement strict file upload filtering to block MAT files from untrusted sources
Isolate MAT file processing to dedicated containers or sandboxed environments

🔍 How to Verify

Check if Vulnerable:

Check MATIO library version: ldd /path/to/application | grep matio, then check version in headers or shared library

Check Version:

pkg-config --modversion matio || strings /usr/lib/libmatio.so | grep 'MATIO_'

Verify Fix Applied:

Verify MATIO version is 1.5.18 or later and test with known malicious MAT files

📡 Detection & Monitoring

Log Indicators:

Application crashes when processing MAT files
Memory access violation errors
Segmentation faults in MATIO-related processes

Network Indicators:

Unexpected MAT file uploads to web applications
MAT file transfers to systems not expecting them

SIEM Query:

process_name:matio AND (event_type:crash OR error_message:"segmentation fault")

📊 Metadata

CVE ID: CVE-2019-17533

CVSS v3 Score: 8.2 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

CWE: CWE-125

Published: October 13, 2019

Last Updated: November 21, 2024

🔗 References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16856 Exploit,Issue Tracking,Third Party Advisory
https://github.com/tbeu/matio/commit/651a8e28099edb5fbb9e4e1d4d3238848f446c9a Patch
https://lists.debian.org/debian-lts-announce/2020/06/msg00037.html Mailing List,Third Party Advisory
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16856 Exploit,Issue Tracking,Third Party Advisory
https://github.com/tbeu/matio/commit/651a8e28099edb5fbb9e4e1d4d3238848f446c9a Patch
https://lists.debian.org/debian-lts-announce/2020/06/msg00037.html Mailing List,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2019-17533, you might also want to check these: