CVE-2022-29339

7.5 HIGH

📋 TL;DR

This vulnerability in GPAC's BS_ReadByte() function causes a failed assertion, leading to denial of service when processing malformed media files. It affects systems running vulnerable versions of the GPAC multimedia framework. Attackers can crash applications that use GPAC by providing specially crafted input.

💻 Affected Systems

Products:
  • GPAC Multimedia Framework
Versions: GPAC 2.1-DEV-rev87-g053aae8-master and earlier development versions
Operating Systems: All platforms running GPAC (Linux, Windows, macOS)
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects development versions; stable releases may not be vulnerable. Applications using GPAC libraries for media processing are at risk.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete application crash and denial of service for any service using GPAC to process media files, potentially disrupting media processing pipelines.

🟠 Likely Case

Application crash when processing malicious media files, causing temporary service disruption until restart.

🟢 If Mitigated

Minimal impact with proper input validation and sandboxing; crashes would be contained to isolated processes.

🌐 Internet-Facing: MEDIUM - Exploitable if application processes user-uploaded media files, but requires specific input triggering the assertion.
🏢 Internal Only: LOW - Typically requires local access or internal media processing workflows to trigger.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires crafting a media file that triggers the assertion failure. No authentication is needed if the application processes external media files.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in commit 9ea93a2ec8f555ceed1ee27294cf94822f14f10f

Vendor Advisory: https://github.com/gpac/gpac/commit/9ea93a2ec8f555ceed1ee27294cf94822f14f10f

Restart Required: Yes

Instructions:

1. Update GPAC to a version that includes commit 9ea93a2 or later.
2. Rebuild applications using GPAC libraries.
3. Restart affected services.

🔧 Temporary Workarounds

Input Validation
Platform: all

Implement strict media file validation before processing with GPAC.

Process Isolation
Platform: linux

Run GPAC in isolated containers or sandboxes to limit crash impact:

docker run --security-opt no-new-privileges gpac-container

🧯 If You Can't Patch

  • Implement network segmentation to isolate media processing systems
  • Deploy application monitoring to detect and restart crashed GPAC processes

🔍 How to Verify

Check if Vulnerable:

Run gpac -version and compare the reported revision against the fix commit. The build is vulnerable if it predates commit 9ea93a2.

Check Version:

gpac -version 2>/dev/null || gpac --version

Verify Fix Applied:

In the GPAC source checkout used for the build, verify that the history includes commit 9ea93a2: git log --oneline | grep 9ea93a2

📡 Detection & Monitoring

Log Indicators:

  • Application crash logs mentioning BS_ReadByte
  • Assertion failure in bitstream.c
  • GPAC process termination

Network Indicators:

  • Unusual media file uploads followed by service disruption

SIEM Query:

process_name:"gpac" AND (event_type:"crash" OR "assertion failed")
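
The log indicators above can also be checked at the point where the media job is launched. The following is an added example, not part of the original advisory or the GPAC project: it runs one job in a child process, treats SIGABRT (what a failed assertion produces) as its own outcome, and checks stderr for the BS_ReadByte / bitstream.c indicators. The function names, the timeout default and the sample stderr line are assumptions of this example.

```python
import signal
import subprocess
import sys

# Substrings from the advisory's log indicators; how they are matched is this example's choice.
INDICATORS = ("BS_ReadByte", "bitstream.c")
# Constructed sample in glibc assert() format; <line> and <expr> are placeholders.
SAMPLE_STDERR = "gpac: bitstream.c:<line>: BS_ReadByte: Assertion `<expr>' failed.\n"


def matches_indicator(stderr_text):
    """True if any stderr line reports an assertion and names an advisory indicator."""
    return any(
        "Assertion" in line and any(s in line for s in INDICATORS)
        for line in stderr_text.splitlines()
    )


def run_isolated(argv, timeout=60):
    """Run one media job in a child process and classify how it ended."""
    try:
        proc = subprocess.run(argv, stdin=subprocess.DEVNULL, stdout=subprocess.DEVNULL,
                              stderr=subprocess.PIPE, timeout=timeout)
    except subprocess.TimeoutExpired:
        return {"status": "timeout", "indicator": False}
    rc = proc.returncode
    # A failed assert() calls abort(): the child dies with SIGABRT (rc == -6 on POSIX).
    # A shell or container wrapper reports the same event as exit code 128 + 6 = 134.
    if rc in (-signal.SIGABRT, 128 + signal.SIGABRT):
        status = "abort"
    elif rc < 0:
        status = "signal"
    elif rc == 0:
        status = "ok"
    else:
        status = "error"
    text = proc.stderr.decode("utf-8", "replace")
    return {"status": status, "indicator": matches_indicator(text)}


if __name__ == "__main__":
    # Stand-in child (constructed): prints the sample line, then aborts like a failed assert.
    child = "import os, sys; sys.stderr.write(%r); sys.stderr.flush(); os.abort()" % SAMPLE_STDERR
    print(run_isolated([sys.executable, "-c", child]))
```

An "abort" status with the indicator set is the case to alert on and to use for quarantining the input file before the job is retried.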
