| عنوان | GPAC GPAC 26.03-DEV Out-of-Bounds Read |
|---|
| الوصف | GPAC 26.03-DEV is affected by an out-of-bounds read vulnerability in the VobSub subtitle parsing logic. The issue exists in the handling of repeated id: declarations in a crafted .idx file.
In vobsub_read_idx(), the parser stores language entries in a fixed-size langs[32] array but increments the num_langs counter for every accepted id: entry without preventing duplicate indexes or enforcing the array limit.
Later, vobsubdmx_parse_idx() iterates according to num_langs and accesses ctx->vobsub->langs[i].subpos. When more than 32 language entries are accepted, this results in an out-of-bounds read beyond the langs array.
An attacker can exploit this vulnerability by providing a specially crafted VobSub .idx subtitle file, causing GPAC or MP4Box to crash and resulting in a denial of service.
This vulnerability is classified as CWE-125: Out-of-bounds Read. |
|---|
| المصدر | ⚠️ https://github.com/gpac/gpac/issues/3611 |
|---|
| المستخدم | Fantasy_2026 (UID 98691) |
|---|
| ارسال | 08/06/2026 04:15 AM (1 شهر منذ) |
|---|
| الاعتدال | 09/07/2026 07:03 AM (1 month later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 377111 [GPAC 26.03-DEV MP4Box vobsub.c vobsub_read_idx num_langs الكشف عن المعلومات] |
|---|
| النقاط | 20 |
|---|