CVE-2023-0819

7.8 HIGH

📋 TL;DR

This CVE describes a heap-based buffer overflow vulnerability in the GPAC multimedia framework. Attackers can exploit this to execute arbitrary code or cause denial of service by sending specially crafted media files. Users of GPAC versions prior to v2.3.0-DEV are affected.

💻 Affected Systems

Products:
  • GPAC Multimedia Framework
Versions: All versions prior to v2.3.0-DEV
Operating Systems: Linux, Windows, macOS, BSD
Default Config Vulnerable: ⚠️ Yes
Notes: Any application using GPAC libraries for media processing is vulnerable when handling malicious input.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete system compromise, data theft, or ransomware deployment.

🟠 Likely Case

Application crash causing denial of service, potentially leading to service disruption.

🟢 If Mitigated

Contained application crash with no privilege escalation if proper sandboxing and memory protections are enabled.

🌐 Internet-Facing: MEDIUM - Requires processing malicious media files, which could be delivered via web applications or media servers.
🏢 Internal Only: LOW - Typically requires user interaction to open malicious files or specific media processing workflows.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires crafting specific media files that trigger the buffer overflow condition.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v2.3.0-DEV and later

Vendor Advisory: https://github.com/gpac/gpac/commit/d067ab3ccdeaa340e8c045a0fd5bcfc22b809e8f

Restart Required: Yes

Instructions:

1. Update GPAC to version v2.3.0-DEV or later.
2. Rebuild any applications using GPAC libraries.
3. Restart affected services.

🔧 Temporary Workarounds

Input Validation (platform: all)

Implement strict input validation for media files before processing with GPAC.

Sandbox Execution (platform: linux)

Run GPAC processes in sandboxed environments with limited privileges.

firejail --net=none --private gpac [args]

🧯 If You Can't Patch

  • Implement network segmentation to isolate GPAC servers from critical systems
  • Deploy application allowlisting to prevent execution of unauthorized code

🔍 How to Verify

Check if Vulnerable:

Check the GPAC version with 'gpac -version' or 'gpac -h'; the installation is vulnerable if the reported version is earlier than v2.3.0-DEV.

Check Version:

gpac -version 2>/dev/null || gpac -h 2>/dev/null | head -1

Verify Fix Applied:

Confirm version is v2.3.0-DEV or later and test with known safe media files.

📡 Detection & Monitoring

Log Indicators:

  • GPAC process crashes
  • Segmentation fault errors in system logs
  • Abnormal memory usage patterns

Network Indicators:

  • Unusual media file uploads to applications using GPAC
  • Multiple failed processing attempts

SIEM Query:

process_name:"gpac" AND (event_type:crash OR error_message:"segmentation fault")
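
The log indicators and SIEM query above, as a runnable detection sketch (an added example, not part of the original advisory or of the GPAC project). It goes one step beyond the query by also matching crashes inside libgpac in other processes, since the Notes state that any application using the GPAC libraries is affected. The syslog layout (ISO-8601 timestamp followed by a kernel segfault record), the host names, the transcode-wrk process and the three-crashes-in-five-minutes threshold are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Linux kernel segfault record in syslog; ISO-8601 timestamps are assumed.
SEGV = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) kernel: (?:\[[\s\d.]+\] )?(?P<comm>[^\[\s]+)\[(?P<pid>\d+)\]: "
    r"segfault at \S+ ip \S+ sp \S+ error \d+(?: in (?P<module>[^\[\s]+))?"
)

# Constructed sample log lines (hosts, PIDs, addresses and process names are made up).
SAMPLE_LOG = """\
2023-02-14T10:01:02+00:00 media01 kernel: [81234.120011] gpac[4121]: segfault at 10 ip 00007f10a1b2c4d1 sp 00007ffd3b2a1c40 error 4 in libgpac.so[7f10a1a00000+6d2000]
2023-02-14T10:01:30+00:00 media01 sshd[900]: Accepted publickey for ops from 10.0.0.5 port 50122 ssh2
2023-02-14T10:02:10+00:00 media01 kernel: transcode-wrk[4130]: segfault at 18 ip 00007f22b0c114d1 sp 00007ffe1a0b3c10 error 6 in libgpac.so[7f22b0b00000+6d2000]
2023-02-14T10:04:40+00:00 media01 kernel: gpac[4177]: segfault at 10 ip 00007f93c2b2c4d1 sp 00007ffc9d2a1c40 error 4 in libgpac.so[7f93c2a00000+6d2000]
2023-02-14T10:03:00+00:00 media02 kernel: gpac[2210]: segfault at 0 ip 00007f3e5d0a91b2 sp 00007ffc01a7e2f0 error 4 in libc.so.6[7f3e5d028000+195000]
2023-02-14T10:20:00+00:00 media02 kernel: python3[2300]: segfault at 8 ip 00007f81aa0a91b2 sp 00007ffd55a7e2f0 error 4 in libc.so.6[7f81aa028000+195000]
2023-02-14T11:30:00+00:00 media02 kernel: gpac[2544]: segfault at 10 ip 00007f5d11b2c4d1 sp 00007ffcb12a1c40 error 4 in libgpac.so[7f5d11a00000+6d2000]
""".splitlines()

def gpac_crashes(lines):
    """Return crash events for the gpac binary or any process faulting inside libgpac."""
    events = []
    for line in lines:
        m = SEGV.match(line)
        if not m:
            continue
        module = m.group("module") or ""
        if m.group("comm") == "gpac" or module.startswith("libgpac"):
            events.append({"ts": datetime.fromisoformat(m.group("ts")), "host": m.group("host"),
                           "comm": m.group("comm"), "pid": int(m.group("pid")), "module": module})
    return events

def crash_bursts(events, threshold=3, window=timedelta(minutes=5)):
    """Return hosts with at least `threshold` crashes inside any sliding `window`."""
    by_host = defaultdict(list)
    for e in events:
        by_host[e["host"]].append(e["ts"])
    flagged = []
    for host, stamps in by_host.items():
        stamps.sort()
        for i in range(len(stamps) - threshold + 1):
            if stamps[i + threshold - 1] - stamps[i] <= window:
                flagged.append(host)
                break
    return sorted(flagged)

if __name__ == "__main__":
    print(crash_bursts(gpac_crashes(SAMPLE_LOG)))
```

A single crash maps to the "GPAC process crashes" indicator; a burst on one host corresponds to the "multiple failed processing attempts" indicator and is the case worth alerting on.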
