GPAC gf_bin128_parse Function Buffer Overflow Vulnerability [CVE-2019-11222]

CVE Number – CVE-2019-11222

A vulnerability in GPAC could allow an unauthenticated, remote attacker to trigger a buffer overflow on a targeted system.The vulnerability is due to insufficient checks of the crypt feature in the gf_bin128_parse function, as defined by the utils/os_dirvers.c source code file of the affected software. An attacker could exploit this vulnerability by sending a crafted _drm_file.xml file to the affected software which could cause a buffer overflow on the targeted system. A successful exploit could allow the attacker to gain access to sensitive information, modify files on the system, or cause a denial of service (DoS) condition. GPAC has not confirmed this vulnerably and software updates are not available; however, third-party issues and patches are available.

Analysis

  • To exploit this vulnerability, the attacker must send a special file to the targeted system, making exploitation more difficult in environments that restrict network access from untrusted sources.

Safeguards

  • Administrators are advised to check the vendor for future updates.Administrators are advised to allow only trusted users to have network access.Administrators are advised to monitor critical systems.

Vendor Announcements

  • At the time this alert was first published, GPAC had not released a security advisory; however, a third-party security issue is available at the following link: buffer overflow issue

Fixed Software

  • At the time this alert was first published, GPAC had not released software updates; however, a third party patch has been posted at the following link: fix buffer overrun in gf_bin128_parse

Jason Davies

UK based technology professional, with an interest in computer security and telecoms.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this:

Notice: ob_end_flush(): failed to send buffer of zlib output compression (0) in /home/systemte/public_html/wp-includes/functions.php on line 4339