CVE-2024-6063

Name of the Vulnerable Software and Affected Versions: GPAC version 2.5-DEV-rev228-g11067ea92-master

Description: A problematic issue has been found, affecting the function m2tsdmx on event of the file src/filters/dmx m2ts.c of the component MP4Box. The manipulation leads to null pointer dereference. An attack must be approached locally. The exploit has been disclosed to the public and may be used.

Recommendations: Apply a patch to fix this issue, specifically the patch named 8767ed0a77c4b02287db3723e92c2169f67c85d5. As a temporary workaround, consider disabling the m2tsdmx on event function until a patch is available.