CVE-2023-46426

Name of the Vulnerable Software and Affected Versions GPAC version 2.3-DEV-rev588-g7edc40fee-master

Description The issue is related to a heap-based buffer overflow vulnerability in the gf fwrite component of the GPAC multimedia platform. This vulnerability can be exploited by a remote attacker to cause a denial of service (DoS) or potentially execute arbitrary code. The vulnerability is associated with the gf fwrite component in the utils/os file.c file.

Recommendations For GPAC version 2.3-DEV-rev588-g7edc40fee-master, consider disabling the gf fwrite component as a temporary workaround until a patch is available. Restrict access to the utils/os file.c file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.