{"id":"MGASA-2021-0431","summary":"Updated gpac packages fix security vulnerability","details":"A specially crafted MPEG-4 input when decoding the atom for the \"co64\" \nFOURCC can cause an integer overflow due to unchecked arithmetic resulting\nin a heap-based buffer overflow that causes memory corruption. (CVE-2021-21834)\n\nA specially crafted MPEG-4 input using the \"ctts\" FOURCC code can cause\nan integer overflow due to unchecked arithmetic resulting in a\nheap-based buffer overflow that causes memory corruption. (CVE-2021-21836)\n\nA specially crafted MPEG-4 input can cause an integer overflow due to\nunchecked arithmetic resulting in a heap-based buffer overflow that\ncauses memory corruption. (CVE-2021-21837, CVE-2021-21838, CVE-2021-21839)\n\nA specially crafted MPEG-4 input used to process an atom using the \"saio\"\nFOURCC code cause an integer overflow due to unchecked arithmetic\nresulting in a heap-based buffer overflow that causes memory corruption.\n(CVE-2021-21840)\n\nA specially crafted MPEG-4 input when reading an atom using the 'sbgp'\nFOURCC code can cause an integer overflow due to unchecked arithmetic\nresulting in a heap-based buffer overflow that causes memory corruption.\n(CVE-2021-21841)\n\nA specially crafted MPEG-4 input can cause an integer overflow when\nprocessing an atom using the 'ssix' FOURCC code, due to unchecked\narithmetic resulting in a heap-based buffer overflow that causes memory\ncorruption. (CVE-2021-21842)\n\nA specially crafted MPEG-4 input can cause an integer overflow due to\nunchecked arithmetic resulting in a heap-based buffer overflow that\ncauses memory corruption. After validating the number of ranges, at [41]\nthe library will multiply the count by the size of the\nGF_SubsegmentRangeInfo structure. On a 32-bit platform, this\nmultiplication can result in an integer overflow causing the space of the\narray being allocated to be less than expected. (CVE-2021-21843)\n\nA specially crafted MPEG-4 input when encountering an atom using the\n\"stco\" FOURCC code, can cause an integer overflow due to unchecked\narithmetic resulting in a heap-based buffer overflow that causes memory\ncorruption. (CVE-2021-21844)\n\nA specially crafted MPEG-4 input in \"stsc\" decoder can cause an integer\noverflow due to unchecked arithmetic resulting in a heap-based buffer\noverflow that causes memory corruption. (CVE-2021-21845)\n\nA specially crafted MPEG-4 input in \"stsz&\" decoder can cause an integer\noverflow due to unchecked arithmetic resulting in a heap-based buffer\noverflow that causes memory corruption. (CVE-2021-21846)\n\nA specially crafted MPEG-4 input in \"stts\" decoder can cause an integer\noverflow due to unchecked arithmetic resulting in a heap-based buffer\noverflow that causes memory corruption. (CVE-2021-21847)\n\nThe library will actually reuse the parser for atoms with the \"stsz\"\nFOURCC code when parsing atoms that use the \"stz2\" FOURCC code and can\ncause an integer overflow due to unchecked arithmetic resulting in a\nheap-based buffer overflow that causes memory corruption.\n(CVE-2021-21848)\n\nA specially crafted MPEG-4 input can cause an integer overflow when the\nlibrary encounters an atom using the \"tfra\" FOURCC code due to unchecked\narithmetic resulting in a heap-based buffer overflow that causes memory\ncorruption. (CVE-2021-21849)\n\nA specially crafted MPEG-4 input can cause an integer overflow when the\nlibrary encounters an atom using the \"trun\" FOURCC code due to unchecked\narithmetic resulting in a heap-based buffer overflow that causes memory\ncorruption. (CVE-2021-21850)\n\nA specially crafted MPEG-4 input can cause an integer overflow due to\nunchecked addition arithmetic resulting in a heap-based buffer overflow\nthat causes memory corruption. (CVE-2021-21853, CVE-2021-21854,\nCVE-2021-21855, CVE-2021-21857, CVE-2021-21858)\n\nThe stri_box_read function is used when processing atoms using the 'stri'\nFOURCC code. (CVE-2021-21859)\n\nA specially crafted MPEG-4 input can cause an improper memory allocation\nresulting in a heap-based buffer overflow that causes memory corruption.\nThe FOURCC code, 'trik', is parsed by the function within the library.\n(CVE-2021-21860)\n\nWhen processing the 'hdlr' FOURCC code, a specially crafted MPEG-4 input\ncan cause an improper memory allocation resulting in a heap-based buffer\noverflow that causes memory corruption. (CVE-2021-21861)\n","modified":"2026-02-04T04:09:59.614394Z","published":"2021-09-23T04:49:29Z","related":["CVE-2021-21834","CVE-2021-21836","CVE-2021-21837","CVE-2021-21838","CVE-2021-21839","CVE-2021-21840","CVE-2021-21841","CVE-2021-21842","CVE-2021-21843","CVE-2021-21844","CVE-2021-21845","CVE-2021-21846","CVE-2021-21847","CVE-2021-21848","CVE-2021-21849","CVE-2021-21850","CVE-2021-21853","CVE-2021-21854","CVE-2021-21855","CVE-2021-21857","CVE-2021-21858","CVE-2021-21859","CVE-2021-21860","CVE-2021-21861"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0431.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=29432"},{"type":"REPORT","url":"https://www.debian.org/security/2021/dsa-4966"}],"affected":[{"package":{"name":"gpac","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/gpac?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.1-1.1.mga8.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0431.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}