Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
GPAC Multimedia Open Source Project GPAC Project/MP4Box 2.5-DEV-rev1593-gfe88c3545-master is affected by: Buffer Overflow. The impact is: cause a denial of service (local). The component is: filter_core/filter_pid.c (L:574-580): function gf_filter_pid_inst_swap_delete_task() improperly accesses freed objects during PID instance swap/delete cleanup, leading to heap use-after-free. The attack vector is: Local (AV:L): a local, authenticated user who processes a specially crafted MPEG-2 TS/MP4 file with MP4Box can trigger the bug during filter teardown (PID instance swap/delete), causing a crash. ¶¶ In GPAC s MP4Box, gf_filter_pid_inst_swap_delete_task() in filter_core/filter_pid.c may dereference objects after they have been freed when cleaning up PID instances after a swap/delete operation. Crafted inputs (e.g., malformed MPEG-2 TS) can trigger a heap use-after-free and crash; exploitation may be possible.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GPAC 安全漏洞
Vulnerability Description
GPAC是GPAC团队开源的一款开源的多媒体框架。 GPAC 2.5-DEV-rev1593-gfe88c3545-master版本存在安全漏洞,该漏洞源于filter_core/filter_pid.c文件中gf_filter_pid_inst_swap_delete_task函数在清理PID实例交换/删除时访问已释放对象,导致堆使用后释放,可能导致本地拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A