A NULL pointer dereference was discovered in AP4_AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service.
{
"versions": [
{
"introduced": "0"
},
{
"last_affected": "1.5.0-617"
}
]
}"2026-04-11T04:47:46Z"
[
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"308572507585856352145932927881347175705",
"272557305027728360472162646032749043289",
"165323675687539707753772975874818096364",
"285021036354712794539596122825774242153",
"166594828238651843661541181788043470174"
]
},
"deprecated": false,
"signature_type": "Line",
"source": "https://github.com/axiomatic-systems/bento4/commit/2f267f89f957088197f4b1fc254632d1645b415d",
"signature_version": "v1",
"id": "CVE-2017-14640-645afdad",
"target": {
"file": "Source/C++/Core/Ap4AtomSampleTable.cpp"
}
},
{
"digest": {
"function_hash": "19319967281882059049951904879574726754",
"length": 1856.0
},
"deprecated": false,
"signature_type": "Function",
"source": "https://github.com/axiomatic-systems/bento4/commit/2f267f89f957088197f4b1fc254632d1645b415d",
"signature_version": "v1",
"id": "CVE-2017-14640-945069a4",
"target": {
"function": "AP4_AtomSampleTable::GetSample",
"file": "Source/C++/Core/Ap4AtomSampleTable.cpp"
}
}
]
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-14640.json"