Treebacker

**Name of the Vulnerable Software and Affected Versions** SoX (affected versions not specified) **Description** A heap-buffer-overflow occurs in the `lsx read w buf()` function in the formats i.c file. This issue is exploitable with a crafted file, which could cause an application to crash. The vulnerability is related to the lack of input validation, allowing an attacker to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SoX (affected versions not specified) **Description** The issue is related to a divide-by-zero error in the `read samples()` function of the `voc.c` file in the SoX sound processing program. This error can be exploited by an attacker using a specially crafted file, potentially causing the application to crash. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GPAC version 1.0.1 **Description** The issue is a Null Pointer Dereference in the `gf filter pck new alloc internal` function, located in `filter core/filter pck.c`. This occurs because the `ctx.opid` may be `NULL`, causing a crash. The `pid` is derived from the `av1dmx parse flush sample` function. **Recommendations** For GPAC version 1.0.1, as a temporary workaround, consider disabling the `gf filter pck new alloc internal` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GPAC version 1.0.1 **Description** A crafted file may cause `ctx->hdr.frame size` to be smaller than `ctx->hdr.hdr size`, resulting in a negative size and a heap overflow in the `memcpy` function. This issue is related to the `adts dmx process` function in `filters/reframe adts.c`. **Recommendations** For GPAC version 1.0.1, consider applying a patch or fix to prevent the heap overflow in the `memcpy` function. As a temporary workaround, consider restricting the use of crafted files that may trigger this issue until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: GPAC version 1.0.1 Description: The issue is related to an integer overflow in the `gf props assign value` function, located in `filter core/filter props.c`. This overflow occurs when the `value->value.data.size` is a negative number, causing the `memcpy` in `gf props assign value` to fail. Recommendations: For GPAC version 1.0.1, as a temporary workaround, consider restricting the use of the `gf props assign value` function until a patch is available. Additionally, ensure that the `value->value.data.size` is validated to prevent negative numbers. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GPAC version 1.0.1 **Description** The issue is caused by an integer overflow in the `gf avc read pps bs internal` function in `media tools/av parsers.c`. This occurs because `pps id` can be a negative number, leading to an overflow since `avc->pps` only has 255 units, resulting in a crash. **Recommendations** For GPAC version 1.0.1, as a temporary workaround, consider disabling the `gf avc read pps bs internal` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GPAC version 1.0.1 **Description** The issue is related to a Null Pointer Dereference in the `gf filter pck get data` function, which can be triggered by a crafted mp4 file. This results in a crash when the first argument `pck` is null. **Recommendations** For GPAC version 1.0.1, consider avoiding the use of crafted mp4 files that may cause the `gf filter pck get data` function to be called with a null `pck` argument until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GPAC version 1.0.1 **Description** The issue arises in the `gf hevc read pps bs internal` function, located in `media tools/av parsers.c`. A crafted file can cause `pps->num tile columns` to be larger than `sizeof(pps->column width)`, resulting in a heap overflow in the loop. **Recommendations** For GPAC version 1.0.1, as a temporary workaround, consider disabling the `gf hevc read pps bs internal` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GPAC version 1.0.1 **Description** The issue is related to an integer overflow in the `hevc parse slice segment` function located in `media tools/av parsers.c`, which can cause a crash. **Recommendations** For GPAC version 1.0.1, consider applying a patch or fix that addresses the integer overflow in the `hevc parse slice segment` function to prevent crashes. At the moment, there is no information about a newer version that contains a fix for this vulnerability.