Описание
An issue was discovered in gpac 0.8.0. The stbl_GetSampleSize function in isomedia/stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| gpac | fixed | 1.0.1+dfsg1-2 | package | |
| gpac | end-of-life | buster | package | |
| gpac | end-of-life | stretch | package |
Примечания
https://github.com/gpac/gpac/issues/1482
Fixed by fixes for related bugs, no specific commit identified upstream
poc tested with 1.0.1+dfsg1-4+deb11u1
https://github.com/gpac/gpac/commit/e4ed32bf56fc02fb8a04b9e13f4d7bdae2b3ae12 (v0.9.0-preview)
EPSS
Связанные уязвимости
An issue was discovered in gpac 0.8.0. The stbl_GetSampleSize function in isomedia/stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file.
An issue was discovered in gpac 0.8.0. The stbl_GetSampleSize function in isomedia/stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file.
An issue was discovered in gpac 0.8.0. The stbl_GetSampleSize function in isomedia/stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file.
Уязвимость функции stbl_GetSampleSize компонента isomedia/stbl_read.c мультимедийной платформы GPAC, позволяющая нарушителю вызвать отказ в обслуживании
EPSS