CVE-2024-57184

MEDIUM

GPAC v0.8.0 - Heap-Based Buffer Overflow in gf_m2ts_process_pmt

Title source: llm

Description

An issue was discovered in GPAC v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_process_pmt in media_tools/mpegts.c:2163 that can cause a denial of service (DOS) via a crafted MP4 file.

References (2)

Core 2

Core References

Patch

https://github.com/gpac/gpac/commit/8c5e847185d74462d674ee7d28fb46c29dae6dd2

View Patch ZIP pw:eip

Exploit, Issue Tracking, Vendor Advisory

https://github.com/gpac/gpac/issues/1421

Scores

CVSS v3 5.5

EPSS 0.0033

EPSS Percentile 24.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-120

Status published

Products (1)

gpac/gpac 0.8.0

Published Jan 24, 2025

Tracked Since Feb 18, 2026