CVE-2025-53853: 
Linux Debian vulnerability analysis and mitigation

A heap-based buffer overflow vulnerability exists in the ISHNE parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). The vulnerability was discovered by Mark Bereza and Lilith of Cisco Talos and was disclosed on August 25, 2025. The vulnerability affects the ISHNE ECG annotations file parsing component of libbiosig, which is an open source library designed to process various types of medical signal data (Talos).

The vulnerability (CVE-2025-53853) is caused by a heap-based buffer overflow in the ISHNE parsing functionality. The issue occurs when processing specially crafted ISHNE ECG annotations files, where the calculation of hdr->EVENT.N can result in 0 if hdr->FILE.size and hdr->HeadLen are equal or sufficiently close. This leads to the allocation of undersized buffers for hdr->EVENT.TYP and hdr->EVENT.POS, resulting in out-of-bounds writes with attacker-controlled data. The vulnerability has received a CVSS v3.1 base score of 9.8 (CRITICAL) with vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (Talos).

The vulnerability can lead to arbitrary code execution when a malicious ISHNE ECG annotations file is processed. Given that libbiosig is used in various scientific software for interpreting biomedical signal data, including as a core component in biosig APIs for Octave and Matlab, and in sigviewer, the potential impact is significant (Talos).

The vulnerability was patched by the vendor on August 24, 2025. Users are advised to update to a version newer than libbiosig 3.9.0 or a commit after 35a819fa in the Master Branch (Talos).