Описание
The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| gpac | fixed | 2.0.0+dfsg1-2 | package | |
| gpac | ignored | bullseye | package | |
| gpac | ignored | buster | package | |
| gpac | ignored | stretch | package |
Примечания
https://github.com/gpac/gpac/commit/1653f31cf874eb6df964bea88d58d8e9b98b485e (v2.0.0)
https://github.com/gpac/gpac/issues/1770
Связанные уязвимости
The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
Уязвимость функции gf_hinter_finalize команды MP4Box мультимедийной платформы GPAC, позволяющая нарушителю вызвать отказ в обслуживании