CVE-2020-19481

Name of the Vulnerable Software and Affected Versions GPAC versions prior to 0.8.0

Description The issue is related to an invalid memory read in the gf m2ts process pmt function within the media tools/mpegts.c component of the GPAC multimedia platform. This can cause a denial of service when a crafted MP4 file is processed. The vulnerability can be exploited by a remote attacker to disrupt service.

Recommendations For GPAC versions prior to 0.8.0, update to version 0.8.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the gf m2ts process pmt function in media tools/mpegts.c to minimize the risk of exploitation. Avoid using crafted MP4 files that could trigger the denial of service until the issue is resolved.