Segmentation Fault in GPAC MP4Box Affects Latest Versions
CVE-2023-46928

5.5MEDIUM

Key Information:

Vendor: Gpac
Status: Gpac
Vendor: CVE Published:; 1 November 2023

What is CVE-2023-46928?

A segmentation fault has been identified in GPAC's MP4Box, specifically within the gf_media_change_pl function located in isom_tools.c. This issue occurs during the processing of media files, potentially impacting the stability of the application and disrupting video processing tasks. Developers and users are advised to review the code changes and apply necessary updates as outlined in the related discussions and commits on GitHub.

References

https://github.com/gpac/gpac/issues/2661

https://github.com/gpac/gpac/commit/0753bf6d867343a80a044...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 1, 2023
Vulnerability Reserved
Oct 30, 2023

Gpac

What is CVE-2023-46928?

References

CVSS V3.1

Timeline