Bug#1051740: gpac: CVE-2023-3012 CVE-2023-3013 CVE-2023-3291 CVE-2023-39562 CVE-2023-4678 CVE-2023-4681 CVE-2023-4682 CVE-2023-4683 CVE-2023-4720 CVE-2023-4721 CVE-2023-4722 CVE-2023-4754 CVE-2023-4755 CVE-2023-4756 CVE-2023-4758 CVE-2023-4778

To: submit@bugs.debian.org
Subject: Bug#1051740: gpac: CVE-2023-3012 CVE-2023-3013 CVE-2023-3291 CVE-2023-39562 CVE-2023-4678 CVE-2023-4681 CVE-2023-4682 CVE-2023-4683 CVE-2023-4720 CVE-2023-4721 CVE-2023-4722 CVE-2023-4754 CVE-2023-4755 CVE-2023-4756 CVE-2023-4758 CVE-2023-4778
From: Moritz Mühlenhoff <jmm@inutil.org>
Date: Mon, 11 Sep 2023 23:25:39 +0200
Message-id: <[🔎] ZP+F0xDjeBmMMcKx@pisco.westfalen.local>
Reply-to: Moritz Mühlenhoff <jmm@inutil.org>, 1051740@bugs.debian.org

Source: gpac
X-Debbugs-CC: team@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerabilities were published for gpac.

CVE-2023-3012[0]:
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to
| 2.2.2.

https://huntr.dev/bounties/916b787a-c603-409d-afc6-25bb02070e69
https://github.com/gpac/gpac/commit/53387aa86c1af1228d0fa57c67f9c7330716d5a7

CVE-2023-3013[1]:
| Unchecked Return Value in GitHub repository gpac/gpac prior to
| 2.2.2.

https://huntr.dev/bounties/52f95edc-cc03-4a9f-9bf8-74f641260073
https://github.com/gpac/gpac/commit/78e539b43293829a14a32e821f5267e3b7417594

CVE-2023-3291[2]:
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to
| 2.2.2.

https://huntr.dev/bounties/526954e6-8683-4697-bfa2-886c3204a1d5/
https://github.com/gpac/gpac/commit/6a748ccc3f76ff10e3ae43014967ea4b0c088aaf

CVE-2023-39562[3]:
| GPAC v2.3-DEV-rev449-g5948e4f70-master was discovered to contain a
| heap-use-after-free via the gf_bs_align function at bitstream.c.
| This vulnerability allows attackers to cause a Denial of Service
| (DoS) via supplying a crafted file.

https://github.com/gpac/gpac/issues/2537
https://github.com/gpac/gpac/commit/9024531ee8e6ae8318a8fe0cbb64710d1acc31f6

CVE-2023-4678[4]:
| Divide By Zero in GitHub repository gpac/gpac prior to 2.3-DEV.

https://github.com/gpac/gpac/commit/4607052c482a51dbdacfe1ade10645c181d07b07
https://huntr.dev/bounties/688a4a01-8c18-469d-8cbe-a2e79e80c877

CVE-2023-4681[5]:
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to
| 2.3-DEV.

https://github.com/gpac/gpac/commit/4bac19ad854159b21ba70d8ab7c4e1cd1db8ea1c
https://huntr.dev/bounties/d67c5619-ab36-41cc-93b7-04828e25f60e

CVE-2023-4682[6]:
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to
| 2.3-DEV.

https://github.com/gpac/gpac/commit/b1042c3eefca87c4bc32afb404ed6518d693e5be
https://huntr.dev/bounties/15232a74-e3b8-43f0-ae8a-4e89d56c474c

CVE-2023-4683[7]:
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to
| 2.3-DEV.

https://github.com/gpac/gpac/commit/112767e8b178fc82dec3cf82a1ca14d802cdb8ec
https://huntr.dev/bounties/7852e4d2-af4e-4421-a39e-db23e0549922

CVE-2023-4720[8]:
| Floating Point Comparison with Incorrect Operator in GitHub
| repository gpac/gpac prior to 2.3-DEV.

https://github.com/gpac/gpac/commit/e396648e48c57e2d53988d3fd4465b068b96c89a
https://huntr.dev/bounties/1dc2954c-8497-49fa-b2af-113e1e9381ad

CVE-2023-4721[9]:
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.

https://github.com/gpac/gpac/commit/3ec93d73d048ed7b46fe6e9f307cc7a0cc13db63
https://huntr.dev/bounties/f457dc62-3cff-47bd-8fd2-1cb2b4a832fc

CVE-2023-4722[10]:
| Integer Overflow or Wraparound in GitHub repository gpac/gpac prior
| to 2.3-DEV.

https://github.com/gpac/gpac/commit/de7f3a852bef72a52825fd307cf4e8f486401a76
https://huntr.dev/bounties/ddfdb41d-e708-4fec-afe5-68ff1f88f830

CVE-2023-4754[11]:
| Out-of-bounds Write in GitHub repository gpac/gpac prior to 2.3-DEV.

https://github.com/gpac/gpac/commit/7e2e92feb1b30fac1d659f6620d743b5a188ffe0
https://huntr.dev/bounties/b7ed24ad-7d0b-40b7-8f4d-3c18a906620c

CVE-2023-4755[12]:
| Use After Free in GitHub repository gpac/gpac prior to 2.3-DEV.

https://github.com/gpac/gpac/commit/895ac12da168435eb8db3f96978ffa4c69d66c3a
https://huntr.dev/bounties/463474b7-a4e8-42b6-8b30-e648a77ee6b3

CVE-2023-4756[13]:
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to
| 2.3-DEV.

https://github.com/gpac/gpac/commit/6914d016e2b540bac2c471c4aea156ddef8e8e01
https://huntr.dev/bounties/2342da0e-f097-4ce7-bfdc-3ec0ba446e05

CVE-2023-4758[14]:
| Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV.

https://github.com/gpac/gpac/commit/193633b1648582444fc99776cd741d7ba0125e86
https://huntr.dev/bounties/2f496261-1090-45ac-bc89-cc93c82090d6

CVE-2023-4778[15]:
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.

https://huntr.dev/bounties/abb450fb-4ab2-49b0-90da-3d878eea5397/
https://github.com/gpac/gpac/commit/d553698050af478049e1a09e44a15ac884f223ed


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-3012
    https://www.cve.org/CVERecord?id=CVE-2023-3012
[1] https://security-tracker.debian.org/tracker/CVE-2023-3013
    https://www.cve.org/CVERecord?id=CVE-2023-3013
[2] https://security-tracker.debian.org/tracker/CVE-2023-3291
    https://www.cve.org/CVERecord?id=CVE-2023-3291
[3] https://security-tracker.debian.org/tracker/CVE-2023-39562
    https://www.cve.org/CVERecord?id=CVE-2023-39562
[4] https://security-tracker.debian.org/tracker/CVE-2023-4678
    https://www.cve.org/CVERecord?id=CVE-2023-4678
[5] https://security-tracker.debian.org/tracker/CVE-2023-4681
    https://www.cve.org/CVERecord?id=CVE-2023-4681
[6] https://security-tracker.debian.org/tracker/CVE-2023-4682
    https://www.cve.org/CVERecord?id=CVE-2023-4682
[7] https://security-tracker.debian.org/tracker/CVE-2023-4683
    https://www.cve.org/CVERecord?id=CVE-2023-4683
[8] https://security-tracker.debian.org/tracker/CVE-2023-4720
    https://www.cve.org/CVERecord?id=CVE-2023-4720
[9] https://security-tracker.debian.org/tracker/CVE-2023-4721
    https://www.cve.org/CVERecord?id=CVE-2023-4721
[10] https://security-tracker.debian.org/tracker/CVE-2023-4722
    https://www.cve.org/CVERecord?id=CVE-2023-4722
[11] https://security-tracker.debian.org/tracker/CVE-2023-4754
    https://www.cve.org/CVERecord?id=CVE-2023-4754
[12] https://security-tracker.debian.org/tracker/CVE-2023-4755
    https://www.cve.org/CVERecord?id=CVE-2023-4755
[13] https://security-tracker.debian.org/tracker/CVE-2023-4756
    https://www.cve.org/CVERecord?id=CVE-2023-4756
[14] https://security-tracker.debian.org/tracker/CVE-2023-4758
    https://www.cve.org/CVERecord?id=CVE-2023-4758
[15] https://security-tracker.debian.org/tracker/CVE-2023-4778
    https://www.cve.org/CVERecord?id=CVE-2023-4778

Please adjust the affected versions in the BTS as needed.

Reply to:

Prev by Date: Re: Probing live / introducing myself
Next by Date: Processed: tagging 1051740
Previous by thread: jacktrip_2.0.2+ds-1~bpo12+1_source.changes ACCEPTED into stable-backports
Next by thread: Processed: tagging 1051740
Index(es):
- Date
- Thread