CCExtractor Heap-Based Buffer Overflow Vulnerability in MPEG-TS File Parser
Vulnerability
A heap-based buffer overflow vulnerability has been identified in CCExtractor versions up to 183. The issue is in the MPEG-TS File Parser component, specifically in the 'parse_PAT' and 'parse_PMT' functions of the source file 'src/lib_ccx/ts_tables.c'. It arises from improper validation of length fields when processing malformed MPEG-TS files, which leads to out-of-bounds read operations. The issue can be exploited locally, and a public proof-of-concept exploit is available.
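The class of check described above, as an added example that is not CCExtractor's code: a PAT section walker that compares the declared section_length with the bytes actually held in the buffer before it reads any program entry. The function name, struct and sample bytes are assumptions constructed for illustration; the field layout is the standard PAT section format, and the CRC is not verified here.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added example, not CCExtractor code: bounds-checked walk of one PAT section. */
struct pat_entry { uint16_t program_number; uint16_t pid; };

/* buf/len: bytes of one PAT section actually present in the buffer.
 * Returns the number of entries written to out, or -1 if the section is malformed. */
int pat_parse_checked(const uint8_t *buf, size_t len,
                      struct pat_entry *out, size_t max_out)
{
    if (buf == NULL || len < 3)
        return -1;                       /* cannot even read section_length */
    if (buf[0] != 0x00)
        return -1;                       /* table_id of a PAT is 0x00 */

    /* section_length: 12 bits, counts every byte after this field (CRC included). */
    size_t section_length = ((size_t)(buf[1] & 0x0F) << 8) | buf[2];

    /* The declared length comes from the file: compare it with what we hold. */
    if (section_length > len - 3)
        return -1;
    /* 5 header bytes after the length field plus 4 CRC bytes must be present. */
    if (section_length < 9)
        return -1;
    size_t loop_bytes = section_length - 9;
    if (loop_bytes % 4 != 0)
        return -1;                       /* each program entry is exactly 4 bytes */

    size_t n = loop_bytes / 4;
    if (n > max_out)
        return -1;                       /* caller's table is too small */
    const uint8_t *p = buf + 8;          /* first entry follows the 8-byte header */
    for (size_t i = 0; i < n; i++, p += 4) {
        out[i].program_number = (uint16_t)((p[0] << 8) | p[1]);
        out[i].pid = (uint16_t)(((p[2] & 0x1F) << 8) | p[3]);
    }
    return (int)n;
}

int main(void)
{
    /* Constructed sample: one program (number 1, PID 0x0100); CRC bytes are dummies. */
    const uint8_t ok[] = {0x00,0xB0,0x0D, 0x00,0x01,0xC1,0x00,0x00,
                          0x00,0x01,0xE1,0x00, 0xDE,0xAD,0xBE,0xEF};
    struct pat_entry e[4];
    printf("%d\n", pat_parse_checked(ok, sizeof ok, e, 4));
    return 0;
}
```

A PMT parser needs the same treatment for section_length, program_info_length and each ES_info_length, since every one of them is a length read from the file.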
Impact
Exploitation of this vulnerability causes a heap-buffer-overflow, which can lead to memory corruption and potentially allow for arbitrary code execution.
Reproduction
The vulnerability can be reproduced by building CCExtractor with release optimization and AddressSanitizer (ASan) enabled. After compiling the application, it can be run with a crafted MPEG-TS file that triggers the buffer overflow. This process can be automated with a public exploit available on GitHub.
Remediation
Users are advised to update to the latest version of CCExtractor, where this vulnerability has been fixed.
