CVE-2023-4679 – A use-after-free vulnerability in GPAC's gf

Q: What is the severity of CVE-2023-4679?

CVE-2023-4679 has a CVSS score of 5.5 (MEDIUM). A use-after-free vulnerability in GPAC's gf_filterpacket_del function can cause double-free conditions leading to application crashes. This affects systems running GPAC version 2.3-DEV-revrelease when processing multimedia content. The vulnerability could potentially be exploited to cause denial of service.

📋 TL;DR

A use-after-free vulnerability in GPAC's gf_filterpacket_del function can cause double-free conditions leading to application crashes. This affects systems running GPAC version 2.3-DEV-revrelease when processing multimedia content. The vulnerability could potentially be exploited to cause denial of service.

💻 Affected Systems

Products:

GPAC (Multimedia Framework)

Versions: 2.3-DEV-revrelease

Operating Systems: All platforms running GPAC

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects the specific development version; stable releases may not be impacted.

📦 What is this software?

Gpac by Gpac

View all CVEs affecting Gpac →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution if combined with other vulnerabilities, though unlikely given the CVSS score and nature of the bug.

🟠

Likely Case

Application crash leading to denial of service when processing malicious multimedia files.

🟢

If Mitigated

Minimal impact with proper input validation and sandboxing in place.

🌐 Internet-Facing: MEDIUM - Applications processing untrusted multimedia content from external sources are at risk.

🏢 Internal Only: LOW - Internal systems processing trusted content have minimal exposure.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires crafting malicious multimedia files to trigger the vulnerability.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in commit b68b3f0bf5c366e003221d78fd663a1d5514a876

Vendor Advisory: https://github.com/gpac/gpac/commit/b68b3f0bf5c366e003221d78fd663a1d5514a876

Restart Required: Yes

Instructions:

1. Update GPAC to latest version or apply the specific commit. 2. Recompile from source if using development version. 3. Restart any services using GPAC.

🔧 Temporary Workarounds

Input Validation

all

Implement strict input validation for multimedia files before processing with GPAC.

Sandbox Execution

all

Run GPAC in a sandboxed environment to limit impact of potential crashes.

🧯 If You Can't Patch

Restrict GPAC to processing only trusted, verified multimedia files.
Implement monitoring for application crashes and investigate any anomalies.

🔍 How to Verify

Check if Vulnerable:

Check GPAC version with 'gpac -version' or verify if using the specific vulnerable commit.

Check Version:

gpac -version

Verify Fix Applied:

Confirm GPAC version is updated beyond the vulnerable commit or check for the fix in the source code.

📡 Detection & Monitoring

Log Indicators:

GPAC application crashes
Segmentation faults in GPAC processes
Memory corruption errors

Network Indicators:

Unusual multimedia file uploads to systems using GPAC

SIEM Query:

Process:gpac AND (EventID:1000 OR EventID:1001) OR Error:segmentation fault

📊 Metadata

CVE ID: CVE-2023-4679

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-416

Published: November 15, 2024

Last Updated: November 19, 2024

🔗 References

https://github.com/gpac/gpac/commit/b68b3f0bf5c366e003221d78fd663a1d5514a876 Patch
https://huntr.com/bounties/6f721ee7-8785-4c26-801e-f40fed3faaac Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-4679, you might also want to check these: