PT-2023-9297 · Gpac+2 · Gpac Mp4Box+2
Published: 2023-11-14 · Updated: 2024-09-03
CVE-2023-47384
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
MP4Box GPAC version 2.3-DEV-rev617-g671976fcc-master
Description
The issue is related to a memory leak in the gf_isom_add_chapter function at /isomedia/isom_write.c. This allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file. The vulnerability can be exploited by creating a malicious MP4 file, which may lead to service disruption.
Recommendations
For MP4Box GPAC version 2.3-DEV-rev617-g671976fcc-master, consider disabling the gf_isom_add_chapter function as a temporary workaround until a patch is available. Restrict the processing of crafted MP4 files to minimize the risk of exploitation.
Fix
DoS
Memory Leak
Weakness Enumeration
Related Identifiers
Affected Products
Debian
Gpac Mp4Box
Red Os