Описание
An issue was discovered in gpac 0.8.0. The gf_media_nalu_remove_emulation_bytes function in av_parsers.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| gpac | fixed | 1.0.1+dfsg1-2 | package | |
| gpac | ignored | buster | package | |
| gpac | end-of-life | stretch | package |
Примечания
https://github.com/gpac/gpac/issues/1339
https://github.com/gpac/gpac/commit/7644478ecfa25fd9505ee11ef12deb475cd97025
https://github.com/gpac/gpac/commit/524e2bbdb294d5aa4c84bf83db4d328a588b55f7
Commit 7644478ecf depends on part of 524e2bbdb2 (specifically, the second hunk of the change to src/isomedia/avc_ext.c)
Связанные уязвимости
An issue was discovered in gpac 0.8.0. The gf_media_nalu_remove_emulation_bytes function in av_parsers.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.
An issue was discovered in gpac 0.8.0. The gf_media_nalu_remove_emulation_bytes function in av_parsers.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.
An issue was discovered in gpac 0.8.0. The gf_media_nalu_remove_emulation_bytes function in av_parsers.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.