Security
Headlines
HeadlinesLatestCVEs

Headline

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Packet Storm
#mac#linux#debian#dos

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


Debian Security Advisory DSA-5411-1 [email protected]
https://www.debian.org/security/ Aron Xu
May 26, 2023 https://www.debian.org/security/faq


Package : gpac
CVE ID : CVE-2020-35980 CVE-2021-4043 CVE-2021-21852 CVE-2021-33361
CVE-2021-33363 CVE-2021-33364 CVE-2021-33365 CVE-2021-33366
CVE-2021-36412 CVE-2021-36414 CVE-2021-36417 CVE-2021-40559
CVE-2021-40562 CVE-2021-40563 CVE-2021-40564 CVE-2021-40565
CVE-2021-40566 CVE-2021-40567 CVE-2021-40568 CVE-2021-40569
CVE-2021-40570 CVE-2021-40571 CVE-2021-40572 CVE-2021-40574
CVE-2021-40575 CVE-2021-40576 CVE-2021-40592 CVE-2021-40606
CVE-2021-40608 CVE-2021-40609 CVE-2021-40944 CVE-2021-41456
CVE-2021-41457 CVE-2021-41459 CVE-2021-45262 CVE-2021-45263
CVE-2021-45267 CVE-2021-45291 CVE-2021-45292 CVE-2021-45297
CVE-2021-45760 CVE-2021-45762 CVE-2021-45763 CVE-2021-45764
CVE-2021-45767 CVE-2021-45831 CVE-2021-46038 CVE-2021-46039
CVE-2021-46040 CVE-2021-46041 CVE-2021-46042 CVE-2021-46043
CVE-2021-46044 CVE-2021-46045 CVE-2021-46046 CVE-2021-46047
CVE-2021-46049 CVE-2021-46051 CVE-2022-1035 CVE-2022-1222
CVE-2022-1441 CVE-2022-1795 CVE-2022-2454 CVE-2022-3222
CVE-2022-3957 CVE-2022-4202 CVE-2022-24574 CVE-2022-24577
CVE-2022-24578 CVE-2022-26967 CVE-2022-27145 CVE-2022-27147
CVE-2022-29537 CVE-2022-36190 CVE-2022-36191 CVE-2022-38530
CVE-2022-43255 CVE-2022-45202 CVE-2022-45283 CVE-2022-45343
CVE-2022-47086 CVE-2022-47091 CVE-2022-47094 CVE-2022-47095
CVE-2022-47657 CVE-2022-47659 CVE-2022-47660 CVE-2022-47661
CVE-2022-47662 CVE-2022-47663 CVE-2023-0770 CVE-2023-0818
CVE-2023-0819 CVE-2023-0866 CVE-2023-1448 CVE-2023-1449
CVE-2023-1452 CVE-2023-1654 CVE-2023-2837 CVE-2023-2838
CVE-2023-2839 CVE-2023-2840 CVE-2023-23143 CVE-2023-23144
CVE-2023-23145

Multiple issues were found in GPAC multimedia framework, whcih could result
in denial of service or potentially the execution of arbitrary code.

For the stable distribution (bullseye), these problems have been fixed in
version 1.0.1+dfsg1-4+deb11u2.

We recommend that you upgrade your gpac packages.

For the detailed security status of gpac please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/gpac

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEhhz+aYQl/Bp4OTA7O1LKKgqv2VQFAmRwutMACgkQO1LKKgqv
2VQhxgf/aXBHEqvI+O12zLVGiSFBgAgP0WpynhRv+ESync2+EFNBpF/1/w0CAhVr
mn3NWsUxj21u4Pm9YjfvG7+YXaDTaEqkrgwVknvZKwV6KY42mSEvztWfqTk5xEe1
Hi7MUL+xKIjUblcgFxNSEAZkb/u9XO3KE7XbPKqNE+FZtz+K95Vtq7CGx+jvpa/F
Q+e286fsay38RYsI+ESqxe8N5WYljiIph/thot/uawV6vSNYqR1te4wzn//AkDvL
ADq4Hsr3yQSpDbPEToJwS+Q/Gd4YH7IsqtdSMWdtnrxC6Ri4zSrq+AlOvPe7xM35
aIUZuLxhqlp6rmBBhNYefgqTiX1vdg==
=faP5
-----END PGP SIGNATURE-----

Related news

Stealthy Malware Has Infected Thousands of Linux Systems for Years

Perfctl malware is hard to detect, persists after reboots, and can perform a breadth of malicious activities.

New Linux Malware ‘Perfctl’ Targets Millions by Mimicking System Files

New Linux malware ‘Perfctl’ is targeting millions worldwide, mimicking system files to evade detection. This sophisticated malware compromises…

New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking

Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software. "Perfctl is particularly elusive and persistent, employing several sophisticated techniques," Aqua security researchers Assaf Morag and Idan Revivo said in a report shared with The Hacker News. "When a new user logs

Near-'perfctl' Fileless Malware Targets Millions of Linux Servers

Armed with a staggering arsenal of at least 20,000 different exploits for various Linux server misconfigurations, perfctl is everywhere, annoying, and tough to get rid of.

Exposed Selenium Grid Servers Targeted for Crypto Mining and Proxyjacking

Internet-exposed Selenium Grid instances are being targeted by bad actors for illicit cryptocurrency mining and proxyjacking campaigns. "Selenium Grid is a server that facilitates running test cases in parallel across different browsers and versions," Cado Security researchers Tara Gould and Nate Bill said in an analysis published today. "However, Selenium Grid's default configuration lacks

Hackers Proxyjack & Cryptomine Selenium Grid Servers

A vendor honeypot caught two attacks intended to leverage the tens of thousands of exposed Selenium Grid Web app testing servers.

Gentoo Linux Security Advisory 202408-21

Gentoo Linux Security Advisory 202408-21 - Multiple vulnerabilities have been discovered in GPAC, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 2.2.0 are affected.

CVE-2023-2840

NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.2.2.

CVE-2023-2838: fixed #2475 · gpac/gpac@c88df2e

Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2.

CVE-2023-2839

Divide By Zero in GitHub repository gpac/gpac prior to 2.2.2.

CVE-2023-2837: fixed #2473 · gpac/gpac@6f28c4c

Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2.

CVE-2023-1654

Denial of Service in GitHub repository gpac/gpac prior to 2.4.0.

CVE-2023-1448

A vulnerability, which was classified as problematic, was found in GPAC 2.3-DEV-rev35-gbbca86917-master. This affects the function gf_m2ts_process_sdt of the file media_tools/mpegts.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier VDB-223293 was assigned to this vulnerability.

CVE-2023-1452

A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file filters/load_text.c. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier VDB-223297 was assigned to this vulnerability.

CVE-2023-1449

A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master and classified as problematic. This vulnerability affects the function gf_av1_reset_state of the file media_tools/av_parsers.c. The manipulation leads to double free. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-223294 is the identifier assigned to this vulnerability.

CVE-2023-0866

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3.0-DEV.

CVE-2023-0818: fix a5efec8 to cover more cases (#2397) · gpac/gpac@377ab25

Off-by-one Error in GitHub repository gpac/gpac prior to v2.3.0-DEV.

CVE-2023-0819: mpeg2ts: add section size check (#2395) · gpac/gpac@d067ab3

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2.3.0-DEV.

CVE-2023-0770: fixed #2316 · gpac/gpac@c319418

Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.

CVE-2023-23144: fixed #2364 · gpac/gpac@3a2458a

Integer overflow vulnerability in function Q_DecCoordOnUnitSphere file bifs/unquantize.c in GPAC version 2.2-rev0-gab012bbfb-master.

CVE-2023-23145: fixed #2365 · gpac/gpac@4ade981

GPAC version 2.2-rev0-gab012bbfb-master was discovered to contain a memory leak in lsr_read_rare_full function.

CVE-2023-23143: fixed #2366 · gpac/gpac@af6a5e7

Buffer overflow vulnerability in function avc_parse_slice in file media_tools/av_parsers.c. GPAC version 2.3-DEV-rev1-g4669ba229-master.

CVE-2022-47663: buffer overflow in h263dmx_process filters/reframe_h263.c:609 · Issue #2360 · gpac/gpac

GPAC MP4box 2.1-DEV-rev649-ga8f438d20 is vulnerable to buffer overflow in h263dmx_process filters/reframe_h263.c:609

CVE-2022-47662: Infinite recursion in Media_GetSample isomedia/media.c:662 · Issue #2359 · gpac/gpac

GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 has a segment fault (/stack overflow) due to infinite recursion in Media_GetSample isomedia/media.c:662

CVE-2022-47657: buffer overflow in function hevc_parse_vps_extension of media_tools/av_parsers.c:7662 · Issue #2355 · gpac/gpac

GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function hevc_parse_vps_extension of media_tools/av_parsers.c:7662

CVE-2022-47661: heap-buffer-overflow media_tools/av_parsers.c:4988 in gf_media_nalu_add_emulation_bytes · Issue #2358 · gpac/gpac

GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 is vulnerable to Buffer Overflow via media_tools/av_parsers.c:4988 in gf_media_nalu_add_emulation_bytes

CVE-2022-47660: integer overflow in isomedia/isom_write.c:4931 · Issue #2357 · gpac/gpac

GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is has an integer overflow in isomedia/isom_write.c

CVE-2022-47095: Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c · Issue #2346 · gpac/gpac

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c

CVE-2022-47094: Null pointer dereference filters/dmx_m2ts.c:343 in m2tsdmx_declare_pid · Issue #2345 · gpac/gpac

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Null pointer dereference via filters/dmx_m2ts.c:343 in m2tsdmx_declare_pid

CVE-2022-47091: Buffer overflow in gf_text_process_sub function of filters/load_text.c · Issue #2343 · gpac/gpac

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow in gf_text_process_sub function of filters/load_text.c

CVE-2022-47086: missing check in gf_sm_load_init_swf, causing Segmentation fault · Issue #2337 · gpac/gpac

GPAC MP4Box v2.1-DEV-rev574-g9d5bb184b contains a segmentation violation via the function gf_sm_load_init_swf at scene_manager/swf_parse.c

CVE-2022-45283: GPAC-2.0.0 MP4Box: stack overflow with unlimited length and controllable content in smil_parse_time_list · Issue #2295 · gpac/gpac

GPAC MP4box v2.0.0 was discovered to contain a stack overflow in the smil_parse_time_list parameter at /scenegraph/svg_attributes.c.

CVE-2022-45343: Heap use after free in Q_IsTypeOn at gpac/src/bifs/unquantize.c · Issue #2315 · gpac/gpac

GPAC v2.1-DEV-rev478-g696e6f868-master was discovered to contain a heap use-after-free via the Q_IsTypeOn function at /gpac/src/bifs/unquantize.c.

CVE-2022-4202

A vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function lsr_translate_coords of the file laser/lsr_dec.c. The manipulation leads to integer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-214518 is the identifier assigned to this vulnerability.

CVE-2022-45202: Stack buffer overflow in function dimC_box_read at isomedia/box_code_3gpp.c:1070 · Issue #2296 · gpac/gpac

GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a stack overflow via the function dimC_box_read at isomedia/box_code_3gpp.c.

CVE-2022-3957: fixed mem leak in sgv parse error · gpac/gpac@2191e66

A vulnerability classified as problematic was found in GPAC. Affected by this vulnerability is the function svg_parse_preserveaspectratio of the file scenegraph/svg_attributes.c of the component SVG Parser. The manipulation leads to memory leak. The attack can be launched remotely. The name of the patch is 2191e66aa7df750e8ef01781b1930bea87b713bb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213463.

CVE-2022-43255: Memory Leak in gf_odf_new_iod odf/odf_code.c:415 · Issue #2285 · gpac/gpac

GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a memory leak via the component gf_odf_new_iod at odf/odf_code.c.

CVE-2022-3222: Segmentation Fault in SFS_Expression in gpac

Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV.

CVE-2022-38530: AddressSanitizer: stack-overflow when processing ISOM_IOD · Issue #2216 · gpac/gpac

GPAC v2.1-DEV-rev232-gfcaa01ebb-master was discovered to contain a stack overflow when processing ISOM_IOD.

CVE-2022-36191: heap-buffer-overflow in function gf_isom_dovi_config_get · Issue #2218 · gpac/gpac

A heap-buffer-overflow had occurred in function gf_isom_dovi_config_get of isomedia/avc_ext.c:2490, as demonstrated by MP4Box. This vulnerability was fixed in commit fef6242.

CVE-2022-36190: Heap Use After Free in function gf_isom_dovi_config_get · Issue #2220 · gpac/gpac

GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gf_isom_dovi_config_get. This vulnerability was fixed in commit fef6242.

CVE-2022-2454: fixed #2213 · gpac/gpac@faa75ed

Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV.

CVE-2021-40608: BUG : free on unknown addrees in MP4BOX at gf_hinter_track_finalize media_tools/isom_hinter.c:956 · Issue #1883 · gpac/gpac

The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.

CVE-2021-40606: Bug: Memcpy from unknown addrees in MP4BOX at src/utils/bitstream.c:1028 · Issue #1885 · gpac/gpac

The gf_bs_write_data function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.

CVE-2021-40609: heap-buffer-overflow in MP4BOX at souce file src/isomedia/hint_track.c:46 · Issue #1894 · gpac/gpac

The GetHintFormat function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.

CVE-2021-40944: Null pointer reference in GPAC at src/filter_core/filter_pid.c:5394 · Issue #1906 · gpac/gpac

In GPAC MP4Box 1.1.0, there is a Null pointer reference in the function gf_filter_pid_get_packet function in src/filter_core/filter_pid.c:5394, as demonstrated by GPAC. This can cause a denial of service (DOS).

CVE-2021-40592: Infinite Loop in MP4Box · Issue #1876 · gpac/gpac

GPAC version before commit 71460d72ec07df766dab0a4d52687529f3efcf0a (version v1.0.1 onwards) contains loop with unreachable exit condition ('infinite loop') vulnerability in ISOBMFF reader filter, isoffin_read.c. Function isoffin_process() can result in DoS by infinite loop. To exploit, the victim must open a specially crafted mp4 file.

CVE-2022-1795: Use After Free in gpac

Use After Free in GitHub repository gpac/gpac prior to v2.1.0-DEV.

CVE-2022-1441: fixed #2175 · gpac/gpac@3dbe11b

MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. When MP4Box tries to parse a MP4 file, it calls the function `diST_box_read()` to read from video. In this function, it allocates a buffer `str` with fixed length. However, content read from `bs` is controllable by user, so is the length, which causes a buffer overflow.

CVE-2022-27145: There is a statck-overflow detected by AddressSanitizer · Issue #2108 · gpac/gpac

GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gf_isom_get_sample_for_movie_time of mp4box.

CVE-2022-24577: NULL Pointer Dereference in gpac

GPAC 1.0.1 is affected by a NULL pointer dereference in gf_utf8_wcslen. (gf_utf8_wcslen is a renamed Unicode utf8_wcslen function.)

CVE-2021-21837: TALOS-2021-1297 || Cisco Talos Intelligence Group

Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability.

Packet Storm: Latest News

Acronis Cyber Protect/Backup Remote Code Execution