CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
39.6%
A vulnerability was found in Axiomatic Bento4. It has been declared as
critical. This vulnerability affects the function GetOffset of the file
Ap4Sample.h of the component mp42hls. The manipulation leads to use after
free. The attack can be initiated remotely. The exploit has been disclosed
to the public and may be used. VDB-212002 is the identifier assigned to
this vulnerability.
Author | Note |
---|---|
alexmurray | kodi-inputstream-adaptive contains an embedded copy of bento4 |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 22.04 | noarch | kodi-inputstream-adaptive | < any | UNKNOWN |
ubuntu | 24.04 | noarch | kodi-inputstream-adaptive | < any | UNKNOWN |