CVE-2025-54492: 
Linux Debian vulnerability analysis and mitigation

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). The vulnerability was discovered and reported by Cisco Talos on August 25, 2025. The affected software versions include libbiosig 3.9.0 and libbiosig Master Branch (35a819fa) (Talos Report, NVD).

The vulnerability occurs when processing MFER (Medical waveform Format Encoding Rules) files. When the Tag is 67 (0x43: Sample skew), a stack overflow can occur using smaller values of 'len' in this code path. The vulnerability manifests on line 9141 of biosig.c on the current master branch (35a819fa). The issue involves the address of a newly-defined integer 'skew' being overflowed instead of 'buf'. The vulnerability has been assigned a CVSS v3.1 base score of 9.8 CRITICAL (Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) (Talos Report).

A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability, potentially resulting in complete system compromise due to the high severity rating (Talos Report).

The vulnerability has been fixed in libbiosig version 3.9.1. Users are recommended to update libbiosig and all its applications. For dynamically linked applications, only libbiosig.{so,dll,dylib} needs to be replaced. For statically linked applications, recompilation is required (Biosig Release).