Описание
The AV1_DuplicateConfig function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| gpac | fixed | 1.0.1+dfsg1-4 | package | |
| gpac | not-affected | buster | package | |
| gpac | not-affected | stretch | package |
Примечания
https://github.com/gpac/gpac/commit/b2eab95e07cb5819375a50358d4806a8813b6e50
https://github.com/gpac/gpac/issues/1738
EPSS
Связанные уязвимости
The AV1_DuplicateConfig function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
The AV1_DuplicateConfig function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
The AV1_DuplicateConfig function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
EPSS