CVE-2023-2840

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions gpac versions prior to 2.2.2

Description The issue is related to a NULL Pointer Dereference in the gpac library, specifically in the gf isom fragment add sample ex() function located in isomedia/movie fragments.c. This could allow a remote attacker to execute arbitrary code.

Recommendations For versions prior to 2.2.2, update to version 2.2.2 or later to resolve the issue. As a temporary workaround, consider disabling the gf isom fragment add sample ex() function until a patch is available.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALT-PU-2018-2923

BDU:2023-03581

CVE-2023-2840

DSA-5411-1

Affected Products

Alt Linux

Red Os

Gpac

CVE-2023-2840

Weakness Enumeration

Related Identifiers

Affected Products

References · 19