AttackFeed by Joe Wagner | Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib  - Full Disclosure

Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib  – Full Disclosure

Posted on By Joe-W No Comments on Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib  – Full Disclosure
Alert Feeds

 

Posted by Ron E on Sep 30

A denial-of-service vulnerability exists in Samtools and the underlying
HTSlib when processing BED files containing extremely large interval
values. The bed_index_core() function in bedidx.c uses the interval end
coordinate to calculate allocation size without sufficient validation. By
supplying a BED record with a crafted end coordinate (e.g., near 2^61), an
attacker can trigger uncontrolled memory allocation requests via
hts_resize_array_()….
 – Read More  – Full Disclosure 

You may also like

Alert Feeds
libheif v1.21.0 Out-of-Bounds Read in FullBox::get_flags  – Full Disclosure
September 8, 2025
Alert Feeds
User Enumeration in IServ Schoolserver Web Login  – Full Disclosure
September 10, 2025
Alert Feeds
(iOS 18.6.2) Improper Input Validation in Siri Shortcuts and Shared Web Credentials  – Full Disclosure
September 8, 2025
Alert Feeds
SEC Consult SA-20250908-0 :: NFC Card Vulnerability Exploitation Leading to Free Top-Up in KioSoft “Stored Value” Unattended Payment Solution (Mifare)  – Full Disclosure
September 8, 2025

Leave a Reply

AttackFeed by Joe Wagner
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.