Описание
The binary MP4Box in Gpac 1.0.1 has a double-free bug in the av1dmx_finalize function in reframe_av1.c, which allows attackers to cause a denial of service.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| gpac | fixed | 2.0.0+dfsg1-2 | package | |
| gpac | end-of-life | buster | package | |
| gpac | end-of-life | stretch | package |
Примечания
https://github.com/gpac/gpac/issues/1893
https://github.com/gpac/gpac/commit/7bb1b4a4dd23c885f9db9f577dfe79ecc5433109 (v2.0.0)
Связанные уязвимости
CVSS3: 5.5
ubuntu
около 4 лет назад
The binary MP4Box in Gpac 1.0.1 has a double-free bug in the av1dmx_finalize function in reframe_av1.c, which allows attackers to cause a denial of service.
CVSS3: 5.5
nvd
около 4 лет назад
The binary MP4Box in Gpac 1.0.1 has a double-free bug in the av1dmx_finalize function in reframe_av1.c, which allows attackers to cause a denial of service.
CVSS3: 5.5
github
около 4 лет назад
The binary MP4Box in Gpac 1.0.1 has a double-free bug in the av1dmx_finalize function in reframe_av1.c, which allows attackers to cause a denial of service.