GPAC gf_bin128_parse Function Buffer Overflow Vulnerability [CVE-2019-11222]
CVE Number – CVE-2019-11222
A vulnerability in GPAC could allow an unauthenticated, remote attacker to trigger a buffer overflow on a targeted system. The vulnerability is due to insufficient checks in the crypt feature's gf_bin128_parse function, as defined in the utils/os_divers.c source code file of the affected software. An attacker could exploit this vulnerability by sending a crafted _drm_file.xml file to the affected software, which could cause a buffer overflow on the targeted system. A successful exploit could allow the attacker to gain access to sensitive information, modify files on the system, or cause a denial of service (DoS) condition. GPAC has not confirmed this vulnerability and software updates are not available; however, third-party issues and patches are available.
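As an added defensive illustration (not GPAC's code and not the third-party patch), the following hypothetical C parser shows the shape of check the advisory describes as missing: a 128-bit hex value is validated for length before any byte is written to its 16-byte destination. The names `safe_bin128_parse`, `bin128_t`, `demo_parse` and the sample key strings are assumptions constructed for this example.

```c
#include <stdint.h>
#include <string.h>

/* 128-bit binary value, the same width as a 16-byte bin128.
 * This is an added, hypothetical parser written to illustrate the
 * length check the advisory describes as missing; it is not GPAC's code. */
typedef uint8_t bin128_t[16];

static int hex_nibble(char c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Parse a 128-bit hex string ("0x" prefix optional) into a 16-byte buffer.
 * Returns 0 on success, -1 on any malformed input. The decisive safeguard
 * is validating the length BEFORE writing: an untrusted string longer than
 * 32 hex digits must never drive the write index past the 16-byte
 * destination, which is exactly the failure mode of a missing bound. */
int safe_bin128_parse(const char *str, bin128_t out) {
    size_t len, i;
    if (!str || !out) return -1;
    if (str[0] == '0' && (str[1] == 'x' || str[1] == 'X')) str += 2;
    len = strlen(str);
    /* Exactly 32 hex digits are required for 16 bytes; reject both
     * over-long (overflow) and short (undefined trailing bytes) input. */
    if (len != 32) return -1;
    for (i = 0; i < 16; i++) {
        int hi = hex_nibble(str[2 * i]);
        int lo = hex_nibble(str[2 * i + 1]);
        if (hi < 0 || lo < 0) return -1;
        out[i] = (uint8_t)((hi << 4) | lo);
    }
    return 0;
}

/* Exercise the parser with a well-formed key and an over-long one.
 * Constructed sample values, not taken from any real DRM description file. */
int demo_parse(void) {
    bin128_t key;
    const char *good = "0x000102030405060708090a0b0c0d0e0f";
    const char *over = "000102030405060708090a0b0c0d0e0f0011"; /* 36 digits */
    if (safe_bin128_parse(good, key) != 0) return 1;
    if (key[0] != 0x00 || key[15] != 0x0f) return 2;
    if (safe_bin128_parse(over, key) == 0) return 3; /* must be rejected */
    return 0;
}
```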
Analysis
- To exploit this vulnerability, the attacker must send a special file to the targeted system, making exploitation more difficult in environments that restrict network access from untrusted sources.
Safeguards
- Administrators are advised to check the vendor for future updates.
- Administrators are advised to allow only trusted users to have network access.
- Administrators are advised to monitor critical systems.
Vendor Announcements
- At the time this alert was first published, GPAC had not released a security advisory; however, a third-party security issue is available at the following link: buffer overflow issue
Fixed Software
- At the time this alert was first published, GPAC had not released software updates; however, a third-party patch has been posted at the following link: fix buffer overrun in gf_bin128_parse