CVE-2021-4043

Name of the Vulnerable Software and Affected Versions gpac versions prior to 1.1.0

Description The issue is related to a null pointer dereference in the gpac multimedia platform. This can be exploited to cause a denial of service. The vulnerability is being actively exploited in the wild, with reports of malware, such as "Perfctl", using it for privilege escalation and other malicious activities on Linux servers. The malware can run crypto miners and perform proxyjacking undetected, using a rootkit to evade defense. Thousands of machines running Linux have been infected since 2021.

Recommendations For gpac versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the gpac multimedia platform until a patch is applied. Additionally, monitor for suspicious activity related to the "Perfctl" malware and take measures to prevent its execution.