Impact
The vulnerability resides in the filter_core/filter_pid.c file of GPAC MP4Box, where the function gf_filter_pid_inst_swap_delete_task improperly accesses freed objects during cleanup after a PID instance swap or delete operation. This improper access results in a heap use‑after‑free that can be triggered by a specially crafted MPEG‑2 TS or MP4 file, causing the application to crash. The weakness is a classic buffer overflow/use‑after‑free scenario that undermines the integrity of the media processing pipeline and can be exploited locally by a user with permission to execute MP4Box on a crafted media file.
Affected Systems
Affected is the GPAC Multimedia Open Source Project, specifically the MP4Box component. The affected version is 2.5‑DEV‑rev1593‑gfe88c3545‑master. No other vendors or product lines are listed.
Risk and Exploitability
The flaw can be exploited locally by a user who has permission to execute MP4Box with a specially crafted media file. Based on the description, the likely attack vector is local, authenticated execution of MP4Box with a crafted MPEG‑2 TS or MP4 file. No remote exploitation vector is known. Because the vulnerability is limited to the host machine, a malicious file supplied via untrusted media would be required. The EPSS score is < 1% and the CVSS score of 5.5 indicate a low probability of exploitation and moderate severity, respectively, but the presence of a heap use‑after‑free and lack of remote code execution suggest a moderate to high risk for systems relying on MP4Box for unattended media processing.
OpenCVE Enrichment