Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-0819: mpeg2ts: add section size check (#2395) · gpac/gpac@d067ab3

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2.3.0-DEV.

CVE
#vulnerability#git#buffer_overflow

Skip to content

    • Actions

      Automate any workflow

    • Packages

      Host and manage packages

    • Security

      Find and fix vulnerabilities

    • Codespaces

      Instant dev environments

    • Copilot

      Write better code with AI

    • Code review

      Manage code changes

    • Issues

      Plan and track work

    • Discussions

      Collaborate outside of code

*   Explore
*   All features
*   Documentation
*   GitHub Skills
*   Blog
    • For

    • Enterprise

    • Teams

    • Startups

    • Education

    • By Solution

    • CI/CD & Automation

    • DevOps

    • DevSecOps

    • Case Studies

    • Customer Stories

    • Resources

    • GitHub Sponsors

      Fund open source developers

*   The ReadME Project
    
    GitHub community articles
    

*   Repositories
*   Topics
*   Trending
*   Collections
  • Pricing

  • Notifications

  • Fork 450

  • Code

  • Issues 18

  • Pull requests 3

  • Wiki

  • Security

  • Insights

Permalink

Showing 1 changed file with 5 additions and 0 deletions.

@@ -946,6 +946,11 @@ static void gf_m2ts_process_tdt_tot(GF_M2TS_Demuxer *ts, GF_M2TS_SECTION_ES *tdt

return;

}

if (data_size < 5) {

GF_LOG(GF_LOG_ERROR, GF_LOG_CONTAINER, ("[MPEG-2 TS] Section data size too small to read date (len: %u)\n", data_size));

return;

}

/*UTC_time - see annex C of DVB-SI ETSI EN 300468*/

/* decodes an Modified Julian Date (MJD) into a Co-ordinated Universal Time (UTC)

See annex C of DVB-SI ETSI EN 300468 */

0 comments on commit d067ab3

Please sign in to comment.

Related news

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907