Lucene search
PRIOn knowledge basePRION:CVE-2021-21843HistoryAug 18, 2021 - 1:15 p.m.
Integer overflow
2021-08-1813:15:00
PRIOn knowledge base
www.prio-n.com
3
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. After validating the number of ranges, at [41] the library will multiply the count by the size of the GF_SubsegmentRangeInfo structure. On a 32-bit platform, this multiplication can result in an integer overflow causing the space of the array being allocated to be less than expected. An attacker can convince a user to open a video to trigger this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 10.0 | |
| debian_linux | eq | 11.0 | |
| gpac | eq | 1.0.1 |
Related
veracode
veracode
Denial Of Service
2021-09-02 18:49:06
osv
osv
CVE-2021-21843
2021-08-18 13:15:07
gpac - security update
2021-08-31 00:00:00
ubuntucve
ubuntucve
CVE-2021-21843
2021-08-18 00:00:00
cnvd
cnvd
nvd
nvd
CVE-2021-21843
2021-08-18 13:15:07
cvelist
cvelist
CVE-2021-21843
2021-08-18 12:33:47
cve
cve
CVE-2021-21843
2021-08-18 13:15:07
debiancve
debiancve
CVE-2021-21843
2021-08-18 13:15:07
talos
talos
openvas
openvas
Mageia: Security Advisory (MGASA-2021-0431)
2022-01-28 00:00:00
Debian: Security Advisory (DSA-4966-1)
2021-09-02 00:00:00
debian
debian
[SECURITY] [DSA 4966-1] gpac security update
2021-08-31 21:07:40
nessus
nessus
Debian DSA-4966-1 : gpac - security update
2021-09-01 00:00:00
mageia
mageia
Updated gpac packages fix security vulnerability
2021-09-23 07:49:29