Source: gpac
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerabilities were published for gpac.

CVE-2022-29339[0]:
| In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in
| utils/bitstream.c has a failed assertion, which causes a Denial of
| Service. This vulnerability was fixed in commit 9ea93a2.

https://github.com/gpac/gpac/commit/9ea93a2ec8f555ceed1ee27294cf94822f14f10f
https://github.com/gpac/gpac/issues/2165

CVE-2022-29340[1]:
| GPAC 2.1-DEV-rev87-g053aae8-master. has a Null Pointer Dereference
| vulnerability in gf_isom_parse_movie_boxes_internal due to improper
| return value handling of GF_SKIP_BOX, which causes a Denial of
| Service. This vulnerability was fixed in commit 37592ad.

https://github.com/gpac/gpac/commit/37592ad86c6ca934d34740012213e467acc4a3b0
https://github.com/gpac/gpac/issues/2163

CVE-2022-29537[2]:
| gp_rtp_builder_do_hevc in ietf/rtp_pck_mpeg4.c in GPAC 2.0.0 has a
| heap-based buffer over-read, as demonstrated by MP4Box.

https://github.com/gpac/gpac/issues/2173
https://github.com/gpac/gpac/commit/1773b7a34bc08734aee7d3f5dfe65d06389fe15a

CVE-2022-30976[3]:
| GPAC 2.0.0 misuses a certain Unicode utf8_wcslen (renamed
| gf_utf8_wcslen) function in utils/utf.c, resulting in a heap-based
| buffer over-read, as demonstrated by MP4Box.

https://github.com/gpac/gpac/issues/2179
https://github.com/gpac/gpac/commit/915e2cba715f36b7cc29e28888117831ca143d78

CVE-2022-1035[4]:
| Segmentation Fault caused by MP4Box -lsr in GitHub repository
| gpac/gpac prior to 2.1.0-DEV.

https://huntr.dev/bounties/851942a4-1d64-4553-8fdc-9fccd167864b
https://github.com/gpac/gpac/commit/3718d583c6ade191dc7979c64f48c001ca6f0243

CVE-2022-1172[5]:
| Null Pointer Dereference Caused Segmentation Fault in GitHub
| repository gpac/gpac prior to 2.1.0-DEV.

https://huntr.dev/bounties/a26cb79c-9257-4fbf-98c5-a5a331efa264/
https://github.com/gpac/gpac/issues/2153
https://github.com/gpac/gpac/commit/55a183e6b8602369c04ea3836e05436a79fbc7f8

CVE-2022-1222[6]:
| Inf loop in GitHub repository gpac/gpac prior to 2.1.0-DEV.

https://huntr.dev/bounties/f8cb85b8-7ff3-47f1-a9a6-7080eb371a3d
https://github.com/gpac/gpac/commit/7f060bbb72966cae80d6fee338d0b07fa3fc06e1

CVE-2022-1441[7]:
| MP4Box is a component of GPAC-2.0.0, which is a widely-used
| third-party package on RPM Fusion. When MP4Box tries to parse a MP4
| file, it calls the function `diST_box_read()` to read from video. In
| this function, it allocates a buffer `str` with fixed length.
| However, content read from `bs` is controllable by user, so is the
| length, which causes a buffer overflow.

https://github.com/gpac/gpac/issues/2175
https://github.com/gpac/gpac/commit/3dbe11b37d65c8472faf0654410068e5500b3adb

CVE-2022-1795[8]:
| Use After Free in GitHub repository gpac/gpac prior to v2.1.0-DEV.

https://huntr.dev/bounties/9c312763-41a6-4fc7-827b-269eb86efcbc
https://github.com/gpac/gpac/commit/c535bad50d5812d27ee5b22b54371bddec411514

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-29339
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29339
[1] https://security-tracker.debian.org/tracker/CVE-2022-29340
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29340
[2] https://security-tracker.debian.org/tracker/CVE-2022-29537
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29537
[3] https://security-tracker.debian.org/tracker/CVE-2022-30976
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30976
[4] https://security-tracker.debian.org/tracker/CVE-2022-1035
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1035
[5] https://security-tracker.debian.org/tracker/CVE-2022-1172
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1172
[6] https://security-tracker.debian.org/tracker/CVE-2022-1222
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1222
[7] https://security-tracker.debian.org/tracker/CVE-2022-1441
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1441
[8] https://security-tracker.debian.org/tracker/CVE-2022-1795
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1795

Please adjust the affected versions in the BTS as needed.