CVE-2023-48011

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 15, 2023

Updated: Nov 22, 2023

CWE ID 416

Summary

CVE-2023-48011: A heap-use-after-free vulnerability was identified in GPAC v2.3-DEV-rev566-g50c2ab06f-master. This issue affects the movie_fragments.c file in the isomedia source directory. The flaw lies within the flush_ref_samples function, which can result in memory being accessed after it has been freed, potentially leading to unintended program behavior or crashes. Exploitation of this vulnerability could allow an attacker to execute arbitrary code or cause denial-of-service conditions. Updating to a patched version of GPAC is strongly recommended to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

GPAC

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tYop0L
https://www.cve.org/CVERecord?id=CVE-2023-48011
https://nvd.nist.gov/vuln/detail/CVE-2023-48011

Back to Vulnerability Database

CVE-2023-48011

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations