Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 891305 (CVE-2023-0358, CVE-2023-0760, CVE-2023-0770, CVE-2023-0817, CVE-2023-0818, CVE-2023-0819, CVE-2023-0841, CVE-2023-0866, CVE-2023-1448, CVE-2023-1449, CVE-2023-1452, CVE-2023-1654, CVE-2023-1655, CVE-2023-23143, CVE-2023-23144, CVE-2023-23145)

Summary: <media-video/gpac-2.2.1: multiple vulnerabilities
Product: Gentoo Security Reporter: John Helmert III <ajak>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: CONFIRMED ---    
Severity: normal CC: media-video
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B2 [stable?]
Package list:
Runtime testing required: ---

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-01-18 14:41:46 UTC
CVE-2023-0358 (https://huntr.dev/bounties/93e128ed-253f-4c42-81ff-fbac7fd8f355):

Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV.

Patch: https://github.com/gpac/gpac/commit/9971fb125cf91cefd081a080c417b90bbe4a467b
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-01-20 21:39:43 UTC
CVE-2023-23143 (https://github.com/gpac/gpac/commit/af6a5e7a96ee01a139cce6c9e4edfc069aad17a6):

Buffer overflow vulnerability in function avc_parse_slice in file media_tools/av_parsers.c. GPAC version 2.3-DEV-rev1-g4669ba229-master.

CVE-2023-23144 (https://github.com/gpac/gpac/commit/3a2458a49b3e6399709d456d7b35e7a6f50cfb86):

Integer overflow vulnerability in function Q_DecCoordOnUnitSphere file bifs/unquantize.c in GPAC version 2.2-rev0-gab012bbfb-master.

CVE-2023-23145 (https://github.com/gpac/gpac/commit/4ade98128cbc41d5115b97a41ca2e59529c8dd5f):

GPAC version 2.2-rev0-gab012bbfb-master was discovered to contain a memory leak in lsr_read_rare_full function.
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-04-25 00:52:53 UTC
CVE-2023-1654 (https://huntr.dev/bounties/33652b56-128f-41a7-afcc-10641f69ff14):
https://github.com/gpac/gpac/commit/2c055153d401b8c49422971e3a0159869652d3da

Denial of Service in GitHub repository gpac/gpac prior to 2.4.0.

CVE-2023-1654 (https://huntr.dev/bounties/33652b56-128f-41a7-afcc-10641f69ff14):
https://github.com/gpac/gpac/commit/2c055153d401b8c49422971e3a0159869652d3da

Denial of Service in GitHub repository gpac/gpac prior to 2.4.0.

CVE-2023-1448 (https://github.com/gpac/gpac/issues/2388):

A vulnerability, which was classified as problematic, was found in GPAC 2.3-DEV-rev35-gbbca86917-master. This affects the function gf_m2ts_process_sdt of the file media_tools/mpegts.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier VDB-223293 was assigned to this vulnerability.

CVE-2023-1449 (https://github.com/gpac/gpac/issues/2387):

A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master and classified as problematic. This vulnerability affects the function gf_av1_reset_state of the file media_tools/av_parsers.c. The manipulation leads to double free. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-223294 is the identifier assigned to this vulnerability.

CVE-2023-1452 (https://github.com/gpac/gpac/issues/2386):

A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file filters/load_text.c. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier VDB-223297 was assigned to this vulnerability.

CVE-2023-0866 (https://huntr.dev/bounties/7d3c5792-d20b-4cb6-9c6d-bb14f3430d7f):
https://github.com/gpac/gpac/commit/b964fe4226f1424cf676d5822ef898b6b01f5937

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3.0-DEV.

CVE-2023-0841 (https://vuldb.com/?id.221087):
https://vuldb.com/?ctiid.221087
https://github.com/qianshuidewajueji/poc/blob/main/gpac/mp3_dmx_process_poc3

A vulnerability, which was classified as critical, has been found in GPAC 2.3-DEV-rev40-g3602a5ded. This issue affects the function mp3_dmx_process of the file filters/reframe_mp3.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221087.

CVE-2023-0817 (https://huntr.dev/bounties/cb730bc5-d79c-4de6-9e57-10e8c3ce2cf3):
https://github.com/gpac/gpac/commit/be9f8d395bbd196e3812e9cd80708f06bcc206f7

Buffer Over-read in GitHub repository gpac/gpac prior to v2.3.0-DEV.

CVE-2023-0818 (https://huntr.dev/bounties/038e7472-f3e9-46c2-9aea-d6dafb62a18a):
https://github.com/gpac/gpac/commit/377ab25f3e502db2934a9cf4b54739e1c89a02ff

Off-by-one Error in GitHub repository gpac/gpac prior to v2.3.0-DEV.

CVE-2023-0819 (https://huntr.dev/bounties/35793610-dccc-46c8-9f55-6a24c621e4ef):
https://github.com/gpac/gpac/commit/d067ab3ccdeaa340e8c045a0fd5bcfc22b809e8f

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2.3.0-DEV.

CVE-2023-0770 (https://huntr.dev/bounties/e0fdeee5-7909-446e-9bd0-db80fd80e8dd):
https://github.com/gpac/gpac/commit/c31941822ee275a35bc148382bafef1c53ec1c26

Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.

CVE-2023-0760 (https://huntr.dev/bounties/d06223df-a473-4c82-96d0-23726b844b21):
https://github.com/gpac/gpac/commit/ea7395f39f601a7750d48d606e9d10ea0b7beefe

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to V2.1.0-DEV.


All are clearly patched in master except for CVE-2023-0841, which only
has references to VulDB and an apparent PoC. Thanks VulDB...
Comment 3 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-05-07 17:36:29 UTC
CVE-2023-1655 (https://github.com/gpac/gpac/commit/e7f96c2d3774e4ea25f952bcdf55af1dd6e919f4):

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0.

All of these fixes are backported to 2.2.1 according to https://github.com/gpac/gpac/releases/tag/v2.2.1.