CVE-2026-31968
Heap and Stack Buffer Overflow in HTSlib CRAM Encoding
Publication date: 2026-03-18
Last updated on: 2026-03-19
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| htslib | htslib | Up to 1.21.1 (exc) |
| htslib | htslib | From 1.22 (inc) to 1.22.2 (exc) |
| htslib | htslib | From 1.23 (inc) to 1.23.1 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
| CWE-843 | The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type. |
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in HTSlib, a library used for reading and writing bioinformatics file formats, specifically in its handling of CRAM, the compressed format that stores DNA sequence alignment data. The issue arises from incomplete validation of the context in which the VARINT and CONST encodings are used: a codec that produces a value wider than the data series it is bound to can write up to eight bytes beyond the end of a heap allocation, or overwrite a one-byte variable on the stack and the variables adjacent to it.
Depending on the data stream, this flaw can therefore lead to either a heap buffer overflow or a stack buffer overflow. If a user opens a specially crafted CRAM file, it could crash the program, overwrite data structures on the heap or stack in unintended ways, or change the program's control flow, which may allow an attacker to execute arbitrary code with the privileges of the process reading the file.
Versions 1.23.1, 1.22.2, and 1.21.1 of HTSlib include fixes for this issue, and there is no known workaround.
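The following is an added example, not HTSlib's code and not the actual fix, that models the bug class the answer above describes: a codec that always emits an 8-byte result into a slot the data series sized for 1 byte, and the kind of context check that stops it. The varint format here is a simplified LEB128-style encoding (CRAM's real bit layout differs), the `series_width` enum and every function name are hypothetical, and the 9-byte input stream is constructed for the demonstration. The overrun is staged inside a 16-byte arena so it can be observed without corrupting real memory.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Illustrative model only (not HTSlib's code, not CRAM's exact bit layout):
 * each data series declares the width of its values, and a codec is bound to
 * a series. The bug class is a codec that always emits 8 bytes into a slot the
 * series sized for 1 byte (CWE-843 turning into CWE-787). */
enum series_width { WIDTH_BYTE = 1, WIDTH_INT = 4, WIDTH_LONG = 8 };

/* LEB128-style varint: 7 payload bits per byte, low group first, top bit set
 * means "more bytes follow". Returns bytes consumed, 0 on malformed input. */
static size_t varint_decode(const uint8_t *in, size_t in_len, uint64_t *out)
{
    uint64_t v = 0;
    for (size_t i = 0; i < in_len && i < 10; i++) {
        v |= (uint64_t)(in[i] & 0x7f) << (7 * i);
        if (!(in[i] & 0x80)) { *out = v; return i + 1; }
    }
    return 0;
}

/* Vulnerable pattern: the codec never asks how wide the destination is. */
static int varint_store_unchecked(const uint8_t *in, size_t in_len, void *dst)
{
    uint64_t v;
    if (!varint_decode(in, in_len, &v)) return -1;
    memcpy(dst, &v, sizeof v);            /* 8 bytes, whatever dst holds */
    return 0;
}

/* Hardened pattern: a single sink that writes exactly the declared width and
 * refuses values that do not fit it. A CONST codec's store reduces to this. */
static int store_checked(uint64_t v, void *dst, enum series_width w)
{
    uint8_t b; uint32_t u;
    switch (w) {
    case WIDTH_BYTE: if (v > UINT8_MAX) return -1;  b = (uint8_t)v;  memcpy(dst, &b, 1); return 0;
    case WIDTH_INT:  if (v > UINT32_MAX) return -1; u = (uint32_t)v; memcpy(dst, &u, 4); return 0;
    case WIDTH_LONG: memcpy(dst, &v, 8); return 0;
    }
    return -1;                            /* unknown width: reject, don't guess */
}

static int varint_store_checked(const uint8_t *in, size_t in_len, void *dst,
                                enum series_width w)
{
    uint64_t v;
    if (!varint_decode(in, in_len, &v)) return -1;
    return store_checked(v, dst, w);
}

/* Constructed 9-byte stream: all 63 payload bits set, i.e. 0x7fffffffffffffff. */
static const uint8_t BIG_VARINT[9] = { 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x7f };

/* The 1-byte slot sits at the start of a 16-byte arena filled with 0xAA, so the
 * overrun is observable without corrupting anything real. Returns how many of
 * the seven bytes after the slot were overwritten. */
static int demo_unchecked_overflow(void)
{
    uint8_t arena[16];
    memset(arena, 0xAA, sizeof arena);
    if (varint_store_unchecked(BIG_VARINT, sizeof BIG_VARINT, &arena[0]) != 0) return -1;
    int clobbered = 0;
    for (int i = 1; i < 8; i++) clobbered += (arena[i] != 0xAA);
    return clobbered;
}

/* Same stream, same 1-byte slot, checked path: rejected and nothing written.
 * Returns 1 on that outcome. */
static int demo_checked_rejects_mismatch(void)
{
    uint8_t arena[16];
    memset(arena, 0xAA, sizeof arena);
    int rc = varint_store_checked(BIG_VARINT, sizeof BIG_VARINT, &arena[0], WIDTH_BYTE);
    int untouched = 1;
    for (int i = 0; i < 16; i++) untouched &= (arena[i] == 0xAA);
    return rc == -1 && untouched;
}

/* Values that fit still decode: 5 into a 1-byte series, constant 300 into a
 * 4-byte series; constant 300 into the 1-byte series is refused. Returns 1. */
static int demo_checked_accepts_fitting_values(void)
{
    uint8_t slot = 0; uint32_t wide = 0;
    const uint8_t small[1] = { 0x05 };
    int ok = varint_store_checked(small, 1, &slot, WIDTH_BYTE) == 0 && slot == 5;
    ok = ok && store_checked(300, &wide, WIDTH_INT) == 0 && wide == 300;
    ok = ok && store_checked(300, &slot, WIDTH_BYTE) == -1 && slot == 5;
    return ok;
}

int main(void)
{
    printf("unchecked: %d neighbour bytes clobbered\n", demo_unchecked_overflow());
    printf("checked rejects mismatch: %d, accepts fitting: %d\n",
           demo_checked_rejects_mismatch(), demo_checked_accepts_fitting_values());
    return 0;
}
```

The point of the shape is that the check lives in one sink keyed on the series' declared width, so any codec (VARINT, CONST, or a future one) that can produce a wide value is validated against the context it is used in, rather than each codec assuming its output size matches the destination. In a real decoder the arena would be a heap buffer or a neighbouring stack variable, which is exactly what the advisory describes being overwritten.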
How can this vulnerability impact me?
This vulnerability can impact you by causing the program using HTSlib to crash or behave unpredictably when processing maliciously crafted CRAM files. It can lead to memory corruption through heap or stack buffer overflows, which may overwrite important data structures.
More seriously, an attacker could exploit this flaw to alter the control flow of the program, potentially allowing arbitrary code execution. This means an attacker could run malicious code on your system with the privileges of the affected program, leading to data compromise, system instability, or further attacks.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The advisory provides no specific detection method or commands for this vulnerability. The practical check is to compare the HTSlib version installed on a system, including copies statically linked into tools such as samtools or bcftools, against the fixed releases (1.21.1, 1.22.2, 1.23.1); any earlier version in the affected ranges listed above should be treated as vulnerable.
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade HTSlib to a fixed version. Versions 1.23.1, 1.22.2, and 1.21.1 include fixes for this vulnerability; pick the release on the same branch you are running.
There is no workaround available for this issue, so updating the library (and rebuilding any tools that bundle it) is essential to prevent exploitation. Until that is done, avoid opening CRAM files from untrusted sources.