Security
Headlines

Headline

CVE-2022-47657: buffer overflow in function hevc_parse_vps_extension of media_tools/av_parsers.c:7662 · Issue #2355 · gpac/gpac

GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function hevc_parse_vps_extension of media_tools/av_parsers.c:7662

Thanks for reporting your issue. Please make sure these boxes are checked before submitting your issue - thank you!

buffer overflow in function hevc_parse_vps_extension of media_tools/av_parsers.c:7662

MP4Box - GPAC version 2.1-DEV-rev644-g5c4df2a67-master
(c) 2000-2022 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io

Please cite our work in your research:
    GPAC Filters: https://doi.org/10.1145/3339825.3394929
    GPAC: https://doi.org/10.1145/1291233.1291452

GPAC Configuration: --enable-sanitizer
Features: GPAC_CONFIG_LINUX GPAC_64_BITS GPAC_HAS_IPV6 GPAC_HAS_SSL GPAC_HAS_SOCK_UN GPAC_MINIMAL_ODF GPAC_HAS_QJS GPAC_HAS_LINUX_DVB  GPAC_DISABLE_3D


./configure --enable-sanitizer
make
./MP4Box import -cat poc_bof12.mp4


[HEVC] Error parsing NAL unit type 33
[HEVC] Error parsing Sequence Param Set
[Core] exp-golomb read failed, not enough bits in bitstream !
[HEVC] Error parsing NAL unit type 33
[HEVC] Error parsing Sequence Param Set
[Core] exp-golomb read failed, not enough bits in bitstream !
[HEVC] Error parsing NAL unit type 33
[HEVC] Error parsing Sequence Param Set
[HEVC] 51 layers in VPS but only 4 supported in GPAC
[HEVC] Error parsing NAL unit type 32
[HEVC] Error parsing Video Param Set
[HEVC] Error parsing NAL unit type 33
[HEVC] Error parsing NAL unit type 32
[HEVC] Error parsing Video Param Set
[HEVC] Error parsing NAL unit type 33
[HEVC] Error parsing Sequence Param Set
[HEVC] Error parsing NAL unit type 33
[HEVC] Error parsing Sequence Param Set
Track Importing HEVC - Width 1 Height 6 FPS 25000/1000
[HEVC] 56 layers in VPS but only 4 supported in GPAC
[HEVC] Error parsing NAL unit type 32
[HEVC] Error parsing Video Param Set
media_tools/av_parsers.c:7662:23: runtime error: index 56 out of bounds for type 'u32 [4]'

Related news

Gentoo Linux Security Advisory 202408-21

Gentoo Linux Security Advisory 202408-21 - Multiple vulnerabilities have been discovered in GPAC, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 2.2.0 are affected.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

We use cookies to provide necessary website functionality, and improve your user experience. By using the website, you agree to Privacy Policy and cookies usage.