Denial of Service Vulnerability in GPAC Product by GPAC
CVE-2023-46929

7.5HIGH

Key Information:

Vendor: GPAC
Status: Gpac
Vendor: CVE Published:; 3 January 2024

What is CVE-2023-46929?

A vulnerability exists within the GPAC media framework's MP4Box component that allows an attacker to initiate a denial of service condition. The flaw is located in the gf_avc_change_vui function in the av_parsers.c file, specifically at line 6872. By crafting malicious input, an attacker can exploit this vulnerability, causing the application to crash, thereby disrupting its service and affecting users dependent on its operations. Prompt remediation is advisable to maintain system stability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/gpac/gpac/issues/2662

https://github.com/gpac/gpac/commit/4248def5d24325aeb0e35...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 3, 2024
Vulnerability Reserved
Oct 30, 2023

JSON

GPAC

What is CVE-2023-46929?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.