Packages
- gpac - GPAC Project on Advanced Content
Details
It was discovered that the GPAC MP4Box utility incorrectly handled certain
AC3 files, which could lead to an out-of-bounds read. A remote attacker
could use this issue to cause MP4Box to crash, resulting in a denial of
service (system crash). This issue only affected Ubuntu 22.04 LTS and
Ubuntu 24.04 LTS. (CVE-2023-5520, CVE-2024-0322)
It was discovered that the GPAC MP4Box utility incorrectly handled certain
malformed text files. If a user or automated system using MP4Box were
tricked into opening a specially crafted RST file, an attacker could use
this issue to cause a denial of service (system crash) or execute arbitrary
code. (CVE-2024-0321)
It was discovered that the GPAC MP4Box utility incorrectly handled certain
AC3 files, which could lead to an out-of-bounds read. A remote attacker
could use this issue to cause MP4Box to crash, resulting in a denial of
service (system crash). This issue only affected Ubuntu 22.04 LTS and
Ubuntu 24.04 LTS. (CVE-2023-5520, CVE-2024-0322)
It was discovered that the GPAC MP4Box utility incorrectly handled certain
malformed text files. If a user or automated system using MP4Box were
tricked into opening a specially crafted RST file, an attacker could use
this issue to cause a denial of service (system crash) or execute arbitrary
code. (CVE-2024-0321)
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 24.04 noble | gpac – 2.2.1+dfsg1-3.1ubuntu0.1~esm2 | ||
| gpac-modules-base – 2.2.1+dfsg1-3.1ubuntu0.1~esm2 | |||
| libgpac12t64 – 2.2.1+dfsg1-3.1ubuntu0.1~esm2 | |||
| 22.04 jammy | gpac – 2.0.0+dfsg1-2ubuntu0.1~esm2 | ||
| gpac-modules-base – 2.0.0+dfsg1-2ubuntu0.1~esm2 | |||
| libgpac11 – 2.0.0+dfsg1-2ubuntu0.1~esm2 | |||
| 20.04 focal | gpac – 0.5.2-426-gc5ad4e4+dfsg5-5ubuntu0.1~esm2 | ||
| gpac-modules-base – 0.5.2-426-gc5ad4e4+dfsg5-5ubuntu0.1~esm2 | |||
| libgpac4 – 0.5.2-426-gc5ad4e4+dfsg5-5ubuntu0.1~esm2 | |||
| 18.04 bionic | gpac – 0.5.2-426-gc5ad4e4+dfsg5-3ubuntu0.1+esm1 | ||
| gpac-modules-base – 0.5.2-426-gc5ad4e4+dfsg5-3ubuntu0.1+esm1 | |||
| libgpac4 – 0.5.2-426-gc5ad4e4+dfsg5-3ubuntu0.1+esm1 | |||
| 16.04 xenial | gpac – 0.5.2-426-gc5ad4e4+dfsg5-1ubuntu0.1+esm2 | ||
| gpac-modules-base – 0.5.2-426-gc5ad4e4+dfsg5-1ubuntu0.1+esm2 | |||
| libgpac4 – 0.5.2-426-gc5ad4e4+dfsg5-1ubuntu0.1+esm2 | |||
| 14.04 trusty | gpac – 0.5.0+svn4288~dfsg1-4ubuntu1+esm2 | ||
| gpac-modules-base – 0.5.0+svn4288~dfsg1-4ubuntu1+esm2 | |||
| libgpac2 – 0.5.0+svn4288~dfsg1-4ubuntu1+esm2 | |||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.