Ubuntu Local Security Checks : Ubuntu: Security Advisory (USN-7320-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.12.2025.7320.1

Categoría: Ubuntu Local Security Checks

Título: Ubuntu: Security Advisory (USN-7320-1)

Resumen: The remote host is missing an update for the 'gpac' package(s) announced via the USN-7320-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'gpac' package(s) announced via the USN-7320-1 advisory.

Vulnerability Insight:
It was discovered that the GPAC MP4Box utility incorrectly handled certain
AC3 files, which could lead to an out-of-bounds read. A remote attacker
could use this issue to cause MP4Box to crash, resulting in a denial of
service (system crash). This issue only affected Ubuntu 22.04 LTS and
Ubuntu 24.04 LTS. (CVE-2023-5520, CVE-2024-0322)

It was discovered that the GPAC MP4Box utility incorrectly handled certain
malformed text files. If a user or automated system using MP4Box were
tricked into opening a specially crafted RST file, an attacker could use
this issue to cause a denial of service (system crash) or execute arbitrary
code. (CVE-2024-0321)

Affected Software/OS:
'gpac' package(s) on Ubuntu 14.04, Ubuntu 16.04, Ubuntu 18.04, Ubuntu 20.04, Ubuntu 22.04, Ubuntu 24.04.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2023-5520
https://github.com/gpac/gpac/commit/5692dc729491805e0e5f55c21d50ba1e6b19e88e
https://huntr.dev/bounties/681e42d0-18d4-4ebc-aba0-c5b0f77ac74a
Common Vulnerability Exposure (CVE) ID: CVE-2024-0321
https://github.com/gpac/gpac/commit/d0ced41651b279bb054eb6390751e2d4eb84819a
https://huntr.com/bounties/4c027b94-8e9c-4c31-a169-893b25047769
Common Vulnerability Exposure (CVE) ID: CVE-2024-0322
https://github.com/gpac/gpac/commit/092904b80edbc4dce315684a59cc3184c45c1b70
https://huntr.com/bounties/87611fc9-ed7c-43e9-8e52-d83cd270bbec

Copyright Copyright (C) 2025 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.12.2025.7320.1
Categoría:	Ubuntu Local Security Checks
Título:	Ubuntu: Security Advisory (USN-7320-1)
Resumen:	The remote host is missing an update for the 'gpac' package(s) announced via the USN-7320-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'gpac' package(s) announced via the USN-7320-1 advisory. Vulnerability Insight: It was discovered that the GPAC MP4Box utility incorrectly handled certain AC3 files, which could lead to an out-of-bounds read. A remote attacker could use this issue to cause MP4Box to crash, resulting in a denial of service (system crash). This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2023-5520, CVE-2024-0322) It was discovered that the GPAC MP4Box utility incorrectly handled certain malformed text files. If a user or automated system using MP4Box were tricked into opening a specially crafted RST file, an attacker could use this issue to cause a denial of service (system crash) or execute arbitrary code. (CVE-2024-0321) Affected Software/OS: 'gpac' package(s) on Ubuntu 14.04, Ubuntu 16.04, Ubuntu 18.04, Ubuntu 20.04, Ubuntu 22.04, Ubuntu 24.04. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-5520 https://github.com/gpac/gpac/commit/5692dc729491805e0e5f55c21d50ba1e6b19e88e https://huntr.dev/bounties/681e42d0-18d4-4ebc-aba0-c5b0f77ac74a Common Vulnerability Exposure (CVE) ID: CVE-2024-0321 https://github.com/gpac/gpac/commit/d0ced41651b279bb054eb6390751e2d4eb84819a https://huntr.com/bounties/4c027b94-8e9c-4c31-a169-893b25047769 Common Vulnerability Exposure (CVE) ID: CVE-2024-0322 https://github.com/gpac/gpac/commit/092904b80edbc4dce315684a59cc3184c45c1b70 https://huntr.com/bounties/87611fc9-ed7c-43e9-8e52-d83cd270bbec
Copyright	Copyright (C) 2025 Greenbone AG