CVE-2021-30020 — MEDIUM (5.5)

Vulnerability Description

In the function gf_hevc_read_pps_bs_internal function in media_tools/av_parsers.c in GPAC 1.0.1 there is a loop, which with crafted file, pps->num_tile_columns may be larger than sizeof(pps->column_width), which results in a heap overflow in the loop.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Gpac	Gpac	1.0.1

Related Weaknesses (CWE)

CWE-787

References

https://github.com/gpac/gpac/commit/51cdb67ff7c5f1242ac58c5aa603ceaf1793b788PatchThird Party Advisory
https://github.com/gpac/gpac/issues/1722ExploitThird Party Advisory
https://github.com/gpac/gpac/commit/51cdb67ff7c5f1242ac58c5aa603ceaf1793b788PatchThird Party Advisory
https://github.com/gpac/gpac/issues/1722ExploitThird Party Advisory

FAQ

What is CVE-2021-30020?

CVE-2021-30020 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the function gf_hevc_read_pps_bs_internal function in media_tools/av_parsers.c in GPAC 1.0.1 there is a loop, which with crafted file, pps->num_tile_columns may be larger than sizeof(pps->column_wi...

How severe is CVE-2021-30020?

CVE-2021-30020 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-30020?

Check the references section above for vendor advisories and patch information. Affected products include: Gpac Gpac.