Mageia: 2019-0146 Moderate: GPAC Memory Flaw Causes Denial Of Service
mageia
April 10, 2019
It was discovered that the GPAC MP4Box utility incorrectly handled certain memory operations
Summary
It was discovered that the GPAC MP4Box utility incorrectly handled certain
memory operations. If an user or automated system were tricked into opening
a specially crafted MP4 file, a remote attacker could use this issue to
cause MP4Box to crash, resulting in a denial of service, or possibly execute
arbitrary code (CVE-2018-7752, CVE-2018-13005, CVE-2018-13006, CVE-2018-20760,
CVE-2018-20761, CVE-2018-20762, CVE-2018-20763, CVE-2018-1000100).
References
- https://bugs.mageia.org/show_bug.cgi?id=24601
- https://ubuntu.com/security/notices/USN-3926-1
- https://www.cve.org/CVERecord?id=CVE-2018-7752
- https://www.cve.org/CVERecord?id=CVE-2018-13005
- https://www.cve.org/CVERecord?id=CVE-2018-13006
- https://www.cve.org/CVERecord?id=CVE-2018-20760
- https://www.cve.org/CVERecord?id=CVE-2018-20761
- https://www.cve.org/CVERecord?id=CVE-2018-20762
- https://www.cve.org/CVERecord?id=CVE-2018-20763
- https://www.cve.org/CVERecord?id=CVE-2018-1000100
Topics Covered
Resolution
SRPMS
- 6/tainted/gpac-0.6.1-4.1.mga6.tainted
PREVIOUS
NEXT
Publication date: 10 Apr 2019
URL: https://advisories.mageia.org/MGASA-2019-0146.html
Type: security
CVE: CVE-2018-7752,
CVE-2018-13005,
CVE-2018-13006,
CVE-2018-20760,
CVE-2018-20761,
CVE-2018-20762,
CVE-2018-20763,
CVE-2018-1000100
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!