Friday, August 13, 2021

Vulnerability Spotlight: Multiple integer overflow vulnerabilities in GPAC Project on Advanced Content

A Cisco Talos team member discovered these vulnerabilities. Blog by Jon Munshaw. 

Cisco Talos recently discovered multiple integer overflow vulnerabilities in the GPAC Project on Advanced Content that could lead to memory corruption.

The GPAC Project on Advanced Content is an open-source cross-platform library that implements the MPEG-4 system standard and provides tools for media playback, vector graphics, and 3-D rendering. The project comes with the MP4Box tool, which allows the user to encode or decode media containers in multiple supported formats.

TALOS-2021-1297 (CVE-2021-21834 - CVE-2021-21852), TALOS-2021-1298 (CVE-2021-21859 - CVE-2021-21862) and TALOS-2021-1299 (CVE-2021-21853 - CVE-2021-21858) could all allow an adversary to corrupt the memory of the application. An adversary could exploit these vulnerabilities by sending the target a specially crafted MPEG-4 input. This could cause an integer overflow due to unchecked addition arithmetic, eventually resulting in a heap-based buffer overflow that causes memory corruption.

Cisco Talos worked with the GPAC Project to ensure that this issue is resolved and an update is available for affected customers, all in adherence to Cisco’s vulnerability disclosure policy

Users are encouraged to update GPAC Project Advanced Content commit a8a8d412dabcb129e695c3e7d861fcc81f608304 and version 1.0.1. Talos tested and confirmed that these versions are affected by these vulnerabilities.

The following SNORTⓇ rules will detect exploitation attempts against this vulnerability: 57607 - 57618, 57623 - 57630 and 57635 - 57672. Additional rules may be released in the future and current rules are subject to change, pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.  

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.