CVE-2025-60465
Status: Awaiting Analysis - Queue
Use-After-Free in GPAC MP4Box

Publication date: 2026-06-25

Last updated on: 2026-06-25

Assigner: MITRE

Description
A use-after-free in the gf_filter_pid_inst_swap function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted media file.
Meta Information
Published: 2026-06-25
Last Modified: 2026-06-25
Generated: 2026-06-26
AI Q&A: 2026-06-25
EPSS Evaluated: N/A
Affected Vendors & Products (2 associated CPEs)
Vendor | Product | Version / Range
gpac_project | mp4box | up to 26.02.0 (excluding)
gpac | mp4box | up to 26.02.0 (excluding)
CWE ID: CWE-UNKNOWN
AI Quick Actions
Executive Summary

This vulnerability is a use-after-free in the gf_filter_pid_inst_swap function, located in /filter_core/filter_pid.c, of the GPAC Project's MP4Box before version 26.02.0. A use-after-free means the software continues to access memory after it has been freed, which leads to undefined behaviour such as crashes or corrupted state.

In this case, attackers can exploit this flaw by supplying a specially crafted media file to the software.

Impact Analysis

Exploiting this vulnerability allows attackers to cause a Denial of Service (DoS) condition. This means the software could crash or become unresponsive when processing a maliciously crafted media file, potentially disrupting services or applications relying on MP4Box.

Detection Guidance

The presence of this vulnerability can be confirmed by processing a crafted media file that triggers the use-after-free in GPAC's MP4Box tool under AddressSanitizer.

The reported command used to trigger the condition is: ./MP4Box -info 34_gf_filter_pid_inst_swap_filter_core_filter_pid_c_633

Running this command on an affected ASan-instrumented build produces an AddressSanitizer report of a heap-use-after-free, which confirms that the build is vulnerable.

Mitigation Strategies

To mitigate this vulnerability, update GPAC/MP4Box to 26.02.0 or a later version that includes the fix for this issue.

The fix involves a code change that prevents redundant relinking operations and properly handles the graph state to avoid the use-after-free condition.

If an immediate update is not possible, avoid processing untrusted or crafted media files that could trigger this vulnerability.
