CVE-2021-32440

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-32440
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-32440.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-32440
Downstream
Published
2021-08-11T20:15:09.047Z
Modified
2025-11-20T11:46:11.508444Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

The Media_RewriteODFrame function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

References

Affected packages

Git / github.com/gpac/gpac

Affected ranges

Type
GIT
Repo
https://github.com/gpac/gpac
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
f0ba83717b6e4d7a15a1676d1fe06152e199b011

Affected versions

v0.*

v0.5.2
v0.6.0
v0.6.1
v0.7.0
v0.7.1
v0.8.0
v0.9.0
v0.9.0-preview

v1.*

v1.0.0
v1.0.1

Database specific

vanir_signatures

[
    {
        "id": "CVE-2021-32440-151ab2a9",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "292811837512840737309210831618477824843",
                "56633421791632409623792356932421026123",
                "264956963414089665641085356883450197099",
                "146820989958733944269250255430742185742",
                "181980390067410981225650029363788127974",
                "41416744485024878536798274186716972892",
                "16902254216702133421594119075493294590",
                "6605820715595722175577025891883093545",
                "25162462372951742005191344929784154815",
                "300522819488476776236630047404130355831",
                "129265925869228689214539046750827331092",
                "280517253436087807076794070823613907265",
                "135875341899129305900183644227566278709"
            ]
        },
        "target": {
            "file": "src/isomedia/media_odf.c"
        },
        "signature_type": "Line",
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://github.com/gpac/gpac/commit/f0ba83717b6e4d7a15a1676d1fe06152e199b011"
    },
    {
        "id": "CVE-2021-32440-a1b8cd72",
        "digest": {
            "length": 5180.0,
            "function_hash": "28016070447758118403828827648709978682"
        },
        "target": {
            "file": "src/isomedia/media_odf.c",
            "function": "Media_RewriteODFrame"
        },
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://github.com/gpac/gpac/commit/f0ba83717b6e4d7a15a1676d1fe06152e199b011"
    }
]