CVE-2021-30019 - OpenCVE

In the adts_dmx_process function in filters/reframe_adts.c in GPAC 1.0.1, a crafted file may cause ctx->hdr.frame_size to be smaller than ctx->hdr.hdr_size, resulting in size to be a negative number and a heap overflow in the memcpy.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gpac	Gpac

Configuration 1 [-]

cpe:2.3:a:gpac:gpac:1.0.1:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/gpac/gpac/commit/22774aa9e62f586319c8f107f5bae950fed900bc
https://github.com/gpac/gpac/issues/1723

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-04-19T19:34:08

Updated: 2024-08-03T22:24:59.329Z

Reserved: 2021-04-02T00:00:00

Link: CVE-2021-30019

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-04-19T20:15:14.490

Modified: 2021-04-21T19:01:59.187

Link: CVE-2021-30019

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "In the adts_dmx_process function in filters/reframe_adts.c in GPAC 1.0.1, a crafted file may cause ctx->hdr.frame_size to be smaller than ctx->hdr.hdr_size, resulting in size to be a negative number and a heap overflow in the memcpy."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-04-19T19:34:08", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/gpac/gpac/issues/1723"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/gpac/gpac/commit/22774aa9e62f586319c8f107f5bae950fed900bc"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-30019", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In the adts_dmx_process function in filters/reframe_adts.c in GPAC 1.0.1, a crafted file may cause ctx->hdr.frame_size to be smaller than ctx->hdr.hdr_size, resulting in size to be a negative number and a heap overflow in the memcpy."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/gpac/gpac/issues/1723", "refsource": "MISC", "url": "https://github.com/gpac/gpac/issues/1723"}, {"name": "https://github.com/gpac/gpac/commit/22774aa9e62f586319c8f107f5bae950fed900bc", "refsource": "MISC", "url": "https://github.com/gpac/gpac/commit/22774aa9e62f586319c8f107f5bae950fed900bc"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T22:24:59.329Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/gpac/gpac/issues/1723"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/gpac/gpac/commit/22774aa9e62f586319c8f107f5bae950fed900bc"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-30019", "datePublished": "2021-04-19T19:34:08", "dateReserved": "2021-04-02T00:00:00", "dateUpdated": "2024-08-03T22:24:59.329Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gpac:gpac:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "82DD2D40-0A05-48FD-940D-32B4D8B51AB3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the adts_dmx_process function in filters/reframe_adts.c in GPAC 1.0.1, a crafted file may cause ctx->hdr.frame_size to be smaller than ctx->hdr.hdr_size, resulting in size to be a negative number and a heap overflow in the memcpy."}, {"lang": "es", "value": "En la funci\u00f3n adts_dmx_process en el archivo filters/reframe_adts.c en GPAC versi\u00f3n 1.0.1, un archivo dise\u00f1ado puede hacer que ctx-)hdr.frame_size sea m\u00e1s peque\u00f1o que ctx-)hdr.hdr_size, resultando en un tama\u00f1o sea un n\u00famero negativo y un desbordamiento de la pila en el memcpy"}], "id": "CVE-2021-30019", "lastModified": "2021-04-21T19:01:59.187", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-04-19T20:15:14.490", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/gpac/gpac/commit/22774aa9e62f586319c8f107f5bae950fed900bc"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/gpac/gpac/issues/1723"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}