CVE-2023-46001

Buffer Overflow vulnerability in gpac MP4Box v.2.3-DEV-rev573-g201320819-master allows a local attacker to cause a denial of service via the gpac/src/isomedia/isomread.c:2807:51 function in gfisomgetuser_data.

References

Affected packages

Git / github.com/gpac/gpac

Affected ranges

Type: GIT
Repo: https://github.com/gpac/gpac
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

e79b0cf7e72404750630bc01340e999f3940dbc4

Affected versions

v0.*

v0.5.2

v0.6.0

v0.6.1

v0.7.0

v0.7.1

v0.8.0

v0.9.0

v0.9.0-preview

v1.*

v1.0.0

v1.0.1

v2.*

v2.0.0

v2.2.0

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "signature_type": "Line",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "139053135632032770045830432449116439994",
                "313233847187391423297293502432640069483",
                "81164107033093206591332698582912436040",
                "249417544093235047722505046015037099160"
            ]
        },
        "id": "CVE-2023-46001-9737e6d5",
        "source": "https://github.com/gpac/gpac/commit/e79b0cf7e72404750630bc01340e999f3940dbc4",
        "target": {
            "file": "src/isomedia/isom_read.c"
        }
    },
    {
        "deprecated": false,
        "signature_type": "Function",
        "signature_version": "v1",
        "digest": {
            "length": 3553.0,
            "function_hash": "13370640472407297020903328421033878432"
        },
        "id": "CVE-2023-46001-ea546897",
        "source": "https://github.com/gpac/gpac/commit/e79b0cf7e72404750630bc01340e999f3940dbc4",
        "target": {
            "file": "src/isomedia/isom_read.c",
            "function": "gf_isom_get_user_data"
        }
    }
]

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-46001.json"