In the adts_dmx_process function in filters/reframe_adts.c in GPAC 1.0.1, a crafted file may cause ctx->hdr.frame_size to be smaller than ctx->hdr.hdr_size, resulting in size to be a negative number and a heap overflow in the memcpy.
References
Link | Resource |
---|---|
https://github.com/gpac/gpac/commit/22774aa9e62f586319c8f107f5bae950fed900bc | Patch Third Party Advisory |
https://github.com/gpac/gpac/issues/1723 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-04-19T19:34:08
Updated: 2021-04-19T19:34:08
Reserved: 2021-04-02T00:00:00
Link: CVE-2021-30019
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-04-19T20:15:14.490
Modified: 2021-04-21T19:01:59.187
Link: CVE-2021-30019
JSON object: View
Redhat Information
No data.
CWE