CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-57184: An issue was discovered in GPAC v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_process_pmt in...

Description

An issue was discovered in GPAC v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_process_pmt in media_tools/mpegts.c:2163 that can cause a denial of service (DOS) via a crafted MP4 file.

Classification

CVE ID: CVE-2024-57184

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.72% (scored less or equal to compared to others)

EPSS Date: 2025-02-21 (when was this score calculated)

References

https://github.com/gpac/gpac/issues/1421
https://github.com/gpac/gpac/commit/8c5e847185d74462d674ee7d28fb46c29dae6dd2

Timeline

2025-01-25 00:30:27 UTC
CVE

An issue was discovered in GPAC v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_process_pmt in...