CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
39.6%
A vulnerability, which was classified as critical, has been found in
Axiomatic Bento4. Affected by this issue is the function
AP4_LinearReader::Advance of the file Ap4LinearReader.cpp of the component
mp42ts. The manipulation leads to use after free. The attack may be
launched remotely. The exploit has been disclosed to the public and may be
used. VDB-212006 is the identifier assigned to this vulnerability.
Author | Note |
---|---|
alexmurray | kodi-inputstream-adaptive contains an embedded copy of bento4 |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 22.04 | noarch | kodi-inputstream-adaptive | < any | UNKNOWN |
ubuntu | 24.04 | noarch | kodi-inputstream-adaptive | < any | UNKNOWN |