Created December 7, 2023 06:46
CVE-2023-46871.txt
[CVE ID]
CVE-2023-46871
[PRODUCT]
MP4Box - GPAC version 2.3-DEV-rev602-ged8424300-master
[AFFECTED VERSION]
MP4Box - GPAC version 2.3-DEV-rev602-ged8424300-master and earlier versions.
[PROBLEM TYPE]
Memory leaks
[DESCRIPTION]
MP4Box - GPAC version 2.3-DEV has memory leaks that lead to DoS.
[TECHNICAL DETAILS]
GPAC version 2.3-DEV: memory leaks in NewSFDouble (scenegraph/vrml_tools.c:300)
./MP4Box -bt $poc
/MP4Box -bt '/home/returnzero/gpac/out/default/crashes/id:000000,sig:06,src:000008,time:167295,execs:4216,op:havoc,rep:6'
[iso file] extra box maxr found in hinf, deleting
[iso file] Unknown box type traI in parent moov
[iso file] Box "stss" (start 9939) has 32 extra bytes
[iso file] extra box maxr found in hinf, deleting
[iso file] Track with no sample description box !
[iso file] Incomplete box mdat - start 11495 size 861217
[iso file] Incomplete file while reading for dump - aborting parsing
[iso file] extra box maxr found in hinf, deleting
[iso file] Unknown box type traI in parent moov
[iso file] Box "stss" (start 9939) has 32 extra bytes
[iso file] extra box maxr found in hinf, deleting
[iso file] Track with no sample description box !
[iso file] Incomplete box mdat - start 11495 size 861217
[iso file] Incomplete file while reading for dump - aborting parsing
MPEG-4 BIFS Scene Parsing
[MP4 Loading] decoding sample 1 from track ID 8 failed
Error loading scene: BitStream Not Compliant
Error: BitStream Not Compliant
=================================================================
==3703==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 8 byte(s) in 1 object(s) allocated from:
    #0 0x7f0d974b4887 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
    #1 0x7f0d95d38b3b in NewSFDouble scenegraph/vrml_tools.c:300
    #2 0x7f0d95d38b3b in gf_sg_vrml_field_pointer_new scenegraph/vrml_tools.c:558
SUMMARY: AddressSanitizer: 8 byte(s) leaked in 1 allocation(s).
[Reporter]
ReturnZero
[Solution]
Update to a newer version or the latest commit.
[References]
https://github.com/gpac/gpac/issues/2658
[Disclosure Timeline]
2023-10-23 - Issue reported to vendor
2023-10-23 - Vendor responded and confirmed the issues
2023-10-23 - Vendor fixed the issues
2023-10-30 - CVE Team RESERVED CVE-2023-46871 for this issue