CVE-2025-7797
BaseFortify
Publication date: 2025-07-18
Last updated on: 2025-10-03
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| gpac | gpac | to 2.4.0 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-404 | The product does not release or incorrectly releases a resource before it is made available for re-use. |
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-7797 is a null pointer dereference vulnerability in the GPAC multimedia player software up to version 2.4. It occurs in the function gf_dash_download_init_segment in the file dash_client.c, where the argument base_init_url can be manipulated to be NULL. When the software tries to use this NULL pointer without checking, it causes a crash or exit (segmentation fault). This vulnerability can be triggered remotely without authentication, making it easily exploitable. The root cause involves improper handling of URLs, especially excessively long ones, which leads to base_init_url being NULL and then dereferenced. [2, 3]
How can this vulnerability impact me? :
This vulnerability primarily impacts the availability of the GPAC software by causing it to crash or exit unexpectedly due to a null pointer dereference. Since the attack can be launched remotely without any authentication, an attacker could cause denial of service by triggering this crash, disrupting any services or applications relying on GPAC for multimedia processing. [3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for crashes or segmentation faults in the GPAC application, especially related to the function gf_dash_download_init_segment. Since the issue is triggered by a null pointer dereference caused by an excessively long or malformed URL input, you can check logs for crashes or errors related to GPAC. Additionally, you can verify the GPAC version in use (versions up to 2.4 are affected). There are no specific commands provided in the resources for direct detection, but you can use standard process monitoring and log inspection tools to detect crashes. For example, on Linux systems, you might use commands like 'ps aux | grep gpac' to check running versions, and 'dmesg' or 'journalctl' to look for crash logs. Network monitoring tools could be used to detect suspicious remote requests that might exploit this vulnerability, but no specific signatures or commands are provided. [2, 3]
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to apply the patch identified by commit 153ea314b6b053db17164f8bc3c7e1e460938eaa, which adds a null pointer check in the function gf_dash_download_init_segment to prevent null pointer dereference. If patching is not immediately possible, consider restricting or filtering remote inputs to GPAC to prevent excessively long or malformed URLs that could trigger the vulnerability. Also, monitor and limit remote access to the affected GPAC service to reduce exposure until the patch is applied. [1]