{"id":"MGASA-2020-0137","summary":"Updated gpac packages fix security vulnerabilities","details":"The updated packages fix security vulnerabilities:\n\nAVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote\nattackers to cause a denial of service (NULL pointer dereference and\napplication crash) via a crafted file.\nThere is \"cfg_new-\u003eAVCLevelIndication = cfg-\u003eAVCLevelIndication;\" but\ncfg could be NULL. (CVE-2018-21015)\n\naudio_sample_entry_AddBox() at isomedia/box_code_base.c in GPAC 0.7.1\nallows remote attackers to cause a denial of service (heap-based buffer\nover-read and application crash) via a crafted file. (CVE-2018-21016)\n\nIn GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a heap-based\nbuffer over-read, as demonstrated by a crash in gf_m2ts_sync in\nmedia_tools/mpegts.c. (CVE-2019-13618)\n\nAn issue was discovered in GPAC version 0.8.0 and 0.9.0-development-\n20191109. There is heap-based buffer overflow in the function\nReadGF_IPMPX_WatermarkingInit() in odf/ipmpx_code.c. (CVE-2019-20161)\n\nAn issue was discovered in GPAC version 0.8.0 and 0.9.0-development-\n20191109. There is heap-based buffer overflow in the function\ngf_isom_box_parse_ex() in isomedia/box_funcs.c. (CVE-2019-20162)\n\nAn issue was discovered in GPAC version 0.8.0 and 0.9.0-development-\n20191109. There is a NULL pointer dereference in the function\ngf_odf_avc_cfg_write_bs() in odf/descriptors.c. (CVE-2019-20163)\n\nAn issue was discovered in GPAC version 0.8.0 and 0.9.0-development-\n20191109. There is a NULL pointer dereference in the function\nilst_item_Read() in isomedia/box_code_apple.c. (CVE-2019-20165)\n\nAn issue was discovered in GPAC version 0.8.0 and 0.9.0-development-\n20191109. There is an invalid pointer dereference in the function\nGF_IPMPX_AUTH_Delete() in odf/ipmpx_code.c. (CVE-2019-20170)\n\nAn issue was discovered in GPAC version 0.8.0 and 0.9.0-development-\n20191109. There are memory leaks in metx_New in isomedia/box_code_base.c\nand abst_Read in isomedia/box_code_adobe.c. (CVE-2019-20171)\n\ndimC_Read in isomedia/box_code_3gpp.c in GPAC 0.8.0 has a stack-based\nbuffer overflow. (CVE-2019-20208)\n","modified":"2026-04-16T04:42:00.827460012Z","published":"2020-03-10T19:04:50Z","upstream":["CVE-2018-21015","CVE-2018-21016","CVE-2019-13618","CVE-2019-20161","CVE-2019-20162","CVE-2019-20163","CVE-2019-20165","CVE-2019-20170","CVE-2019-20171","CVE-2019-20208"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0137.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=26131"},{"type":"WEB","url":"https://www.debian.org/lts/security/2020/dla-2072"}],"affected":[{"package":{"name":"gpac","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/gpac?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.7.1-6.1.mga7.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0137.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}