GPAC Project MP4Box Segmentation Violation Vulnerability in Color Info Function Allowing Denial-of-Service

A segmentation violation vulnerability has been identified in the GPAC Project MP4Box, specifically in versions prior to 26.02.0. The issue arises in the 'gf_media_get_color_info' function within 'media_tools/isom_tools.c'. This vulnerability allows attackers to cause a denial-of-service by supplying a crafted data file that exploits inconsistencies in video sample entries.

Impact

Exploitation of this vulnerability leads to a null pointer dereference, causing an immediate process crash and resulting in a denial-of-service condition.

Reproduction

The vulnerability can be reproduced by processing a crafted MP4 file with MP4Box. The file must contain a video sample entry that is inconsistent with its contained boxes, such as a 'v210' entry that incorrectly includes an 'avcC' AVC Decoder Configuration Box. This can be done using the MP4Box command-line tool with the '-split-size 8000' option, followed by the name of the crafted file.

Remediation

Users should upgrade to GPAC version 26.02.0 or later, or apply the patch available in the commit '9beed3c0a2f38505c745e5376234e7ed66e8e0b1'.