Описание
An issue was discovered in GPAC from v0.5.2 to v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_section_complete in media_tools/mpegts.c that can cause a denial of service (DOS) via a crafted MP4 file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| gpac | fixed | 1.0.1+dfsg1-2 | package | |
| gpac | end-of-life | buster | package | |
| gpac | end-of-life | stretch | package | |
| ccextractor | fixed | 0.93+ds2-1 | package | |
| ccextractor | no-dsa | bullseye | package | |
| ccextractor | no-dsa | buster | package |
Примечания
https://github.com/gpac/gpac/issues/1422
https://github.com/gpac/gpac/commit/8c5e847185d74462d674ee7d28fb46c29dae6dd2
EPSS
Связанные уязвимости
An issue was discovered in GPAC from v0.5.2 to v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_section_complete in media_tools/mpegts.c that can cause a denial of service (DOS) via a crafted MP4 file.
An issue was discovered in GPAC from v0.5.2 to v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_section_complete in media_tools/mpegts.c that can cause a denial of service (DOS) via a crafted MP4 file.
An issue was discovered in GPAC v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_section_complete in media_tools/mpegts.c that can cause a denial of service (DOS) via a crafted MP4 file.
Уязвимость функции gf_m2ts_section_complete компонента media_tools/mpegts мультимедийной платформы GPAC, позволяющая нарушителю вызвать отказ в обслуживании
EPSS