PT-2023-5250 · Gpac+2 · Gpac+2
Published
2023-09-01
·
Updated
2023-09-25
·
CVE-2023-4721
CVSS v3.1
5.9
Medium
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
GPAC versions prior to 2.3-DEV
Description
The issue is related to an out-of-bounds read in the GPAC multimedia platform, specifically in the
MPEG12 ParseSeqHdr function. This can lead to a denial of service. The estimated number of potentially affected devices is not provided. There is no information about real-world incidents where this issue was exploited. Technical details include the MPEG12 ParseSeqHdr function in the media tools/mpeg2 ps.c file.Recommendations
For versions prior to 2.3-DEV, update to version 2.3-DEV or later to resolve the issue. As a temporary workaround, consider restricting access to the
MPEG12 ParseSeqHdr function in the media tools/mpeg2 ps.c file until a patch is available.Exploit
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Debian
Gpac
Red Os