CVE-2026-9567
Received - Intake
Null Pointer Dereference in GPAC MP4Box

Publication date: 2026-05-26

Last updated on: 2026-05-26

Assigner: VulDB

Description
A security flaw has been discovered in GPAC up to 2.4.0. Affected is the function MergeFragment in the file src/isomedia/isom_intern.c of the component MP4Box. The manipulation results in a null pointer dereference. The attack must be carried out locally. The exploit has been released to the public and may be used for attacks. The patch is identified as 525bf1af642c30af04e4df5345e6d798c0a4d8a1. Applying the patch is advised to correct this issue.
Meta Information
Published: 2026-05-26
Last Modified: 2026-05-26
Generated: 2026-05-26
AI Q&A: 2026-05-26
EPSS Evaluated: N/A
Affected Vendors & Products
Vendor: gpac
Product: mp4box
Version / Range: to 2.4.0 (inc)
CWE ID Description
CWE-404 The product does not release or incorrectly releases a resource before it is made available for re-use.
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a security flaw in the GPAC software, specifically in the MergeFragment function of the MP4Box component. It occurs when processing a malformed or corrupted MP4 file, which causes a null pointer dereference. This means the program tries to use a null pointer as if it were valid, leading to a crash (SIGABRT) due to undefined behavior. The issue arises because certain fields are accessed without checking if they are null or zero, causing memory allocation or copying operations to fail.

The vulnerability requires local access to exploit and has been publicly disclosed along with a patch that adds proper null checks to prevent the crash.


How can this vulnerability impact me?

This vulnerability can cause the MP4Box program to crash when processing a specially crafted malformed MP4 file. The crash results from a null pointer dereference, which leads to the program aborting unexpectedly.

An attacker with local access could exploit this flaw to cause denial of service by crashing the application. However, there is no indication that this vulnerability allows for code execution, data leakage, or privilege escalation.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by processing potentially malformed MP4 files with the MP4Box tool and observing if it crashes with an UndefinedBehaviorSanitizer (UBSan) error in the MergeFragment() function.

A practical detection method is to run MP4Box with the -hint option on suspicious or untrusted MP4 files and check for crashes or SIGABRT signals indicating a null pointer dereference.

  • MP4Box -hint suspicious_file.mp4

If the program aborts with a SIGABRT or reports a UBSan error related to null pointer usage in isomedia/isom_intern.c, this indicates the presence of the vulnerability.
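
The check described above can be scripted so that each file gets a verdict instead of a manual read of the terminal. This is an added example, not part of the original advisory or of GPAC; the MP4BOX_BIN variable, the verdict strings and the exit status 134 (128 + SIGABRT on Linux) are assumptions of the sketch, and the UBSan verdict can only appear with a sanitizer-instrumented MP4Box build.

```shell
#!/bin/sh
# Added example: classify how MP4Box handles one file under "-hint".
# MP4BOX_BIN and the verdict strings are assumptions of this sketch.
MP4BOX_BIN="${MP4BOX_BIN:-MP4Box}"

triage_mp4() {
    # Work on a private copy so the original sample is left untouched.
    work=$(mktemp -d) || return 2
    cp -- "$1" "$work/sample.mp4" || { rm -rf "$work"; return 2; }

    status=0
    # Keep stderr (where sanitizer reports are written), drop stdout.
    err=$("$MP4BOX_BIN" -hint "$work/sample.mp4" 2>&1 >/dev/null) || status=$?
    rm -rf "$work"

    if printf '%s\n' "$err" | grep -q 'isom_intern\.c.*runtime error'; then
        echo "ubsan-isom_intern"   # UBSan report pointing at isom_intern.c
    elif [ "$status" -eq 134 ]; then
        echo "sigabrt"             # process aborted: 128 + SIGABRT(6)
    elif [ "$status" -eq 0 ]; then
        echo "clean"
    else
        echo "other:$status"       # some other failure, not this signature
    fi
}

# Usage: sh triage.sh file1.mp4 file2.mp4 ...
for f in "$@"; do
    printf '%s\t%s\n' "$f" "$(triage_mp4 "$f")"
done
```

A "clean" verdict on a patched build and "sigabrt" or "ubsan-isom_intern" on an unpatched one for the same file is the signal the answer above describes.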


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to apply the patch identified by commit 525bf1af642c30af04e4df5345e6d798c0a4d8a1, which adds null checks in the MergeFragment() function to prevent null pointer dereference.

Until the patch is applied, avoid processing untrusted or malformed MP4 files with MP4Box to reduce the risk of triggering the vulnerability.

Ensure that your MP4Box installation is updated to a version that includes this fix.

