PT-2023-5554 · Gpac+2 · Gpac+2

Xiaoxiaoafeifei

Publicado

2023-09-11

Atualizado

2023-09-26

CVE-2023-41000

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions GPAC versions through 2.2.1

Description The issue is related to the incorrect use of dynamic memory in the gf bifs flush command list function of the GPAC multimedia platform. This can lead to a denial of service when exploited. The vulnerability is a use-after-free issue in the gf bifs flush command list function located in bifs/memory decoder.c.

Recommendations For GPAC versions through 2.2.1, update to a version that fixes the use-after-free vulnerability in the gf bifs flush command list function. As a temporary workaround, consider restricting access to the gf bifs flush command list function until a patch is available.

Exploit

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

BDU:2023-06205

CVE-2023-41000

Produtos afetados

Debian

Gpac

Red Os

PT-2023-5554 · Gpac+2 · Gpac+2

CVE-2023-41000

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 13