Severity by source
File delivered over network (AV:N), no complexity or privileges required (AC:L, PR:N), but user must invoke MP4Box on the file (UI:R); only process crash demonstrated, no C/I impact.
Estimated by vuln.today — no official severity rating has been published for this CVE yet.
Lifecycle Timeline
1. Description (PRE-NVD)
Analysis (AI)
Stack-based buffer overflow in GPAC's MP4Box tool crashes the process when parsing a crafted MP4 file containing a malformed non-self-delimited Opus packet. The function gf_opus_read_length() in media_tools/av_parsers.c performs a 2-byte out-of-bounds write into a stack-allocated pckh structure at offset 568, confirmed by AddressSanitizer at line 11140. No active exploitation is confirmed in CISA KEV, but a public proof-of-concept MP4 file is available from the reporter, and the CVSS vector (PR:N, UI:R) indicates any user or automated pipeline invoking MP4Box on untrusted Opus-bearing MP4 files is at risk of a process crash.
Technical Context (AI)
GPAC is an open-source multimedia framework; MP4Box is its command-line tool used for MP4 muxing, demuxing, inspection, and track manipulation. The vulnerability is rooted in CWE-121 (Stack-based Buffer Overflow): gf_opus_read_length() in media_tools/av_parsers.c:11140 computes a length value from a malformed, non-self-delimited Opus packet with an invalid odd packet length, then writes that 2-byte value back into the pckh stack object (fixed-size, allocated in gf_inspect_dump_opus_internal()) without first validating that the computed offset falls within the struct's bounds. The call chain is gf_inspect_dump_opus_internal() → gf_opus_parse_packet_header() → gf_opus_read_length(). This overflow path is triggered specifically during Opus track inspection and XML dump operations. The fix is tracked upstream at commit ff8249a407685d00ceb5f4d2a798b9cad195140e in the gpac/gpac GitHub repository. No CPE strings were provided in available intelligence.
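To show the class of check the fix describes (validating the frame count before writing lengths into a fixed-size header record), here is an added example written for this page, not GPAC's code: a bounds-checked parser for a non-self-delimited code-3 Opus packet header as specified in RFC 6716. The names opus_pkt_hdr, opus_parse_code3 and opus_read_length are hypothetical, the packets in the comments are constructed, and the padding flag is rejected rather than handled.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#define OPUS_MAX_FRAMES 48          /* RFC 6716 sec. 3.2.5: at most 48 frames (120 ms) per packet */
#define OPUS_MAX_FRAME_BYTES 1275   /* RFC 6716 sec. 3.2.1: no single frame exceeds 1275 bytes */
/* Fixed-size header record (hypothetical name). Nothing below may index frame_len past its capacity. */
typedef struct {
    uint8_t  toc, nb_frames;
    uint16_t frame_len[OPUS_MAX_FRAMES];
} opus_pkt_hdr;
/* RFC 6716 sec. 3.2.1 length code: one byte if < 252, else two bytes (second * 4 + first).
 * Returns bytes consumed, or -1 when fewer bytes than needed are available. */
static int opus_read_length(const uint8_t *p, size_t avail, uint16_t *len)
{
    if (avail < 1) return -1;
    if (p[0] < 252) { *len = p[0]; return 1; }
    if (avail < 2) return -1;
    *len = (uint16_t)(p[1] * 4 + p[0]);
    return 2;
}

/* Parse a non-self-delimited code-3 Opus packet (TOC code bits == 3, padding flag clear).
 * Returns 0 on success or a negative code on malformed input; never writes outside *hdr. */
int opus_parse_code3(const uint8_t *pkt, size_t size, opus_pkt_hdr *hdr)
{
    memset(hdr, 0, sizeof *hdr);
    if (size < 2 || (pkt[0] & 0x03) != 3) return -1;   /* need TOC byte + frame-count byte */
    int vbr = pkt[1] & 0x80, pad = pkt[1] & 0x40, m = pkt[1] & 0x3F;
    if (pad) return -2;                                 /* padding is not handled in this example */
    if (m < 1 || m > OPUS_MAX_FRAMES) return -3;        /* the check that guards every frame_len[] write */
    hdr->toc = pkt[0]; hdr->nb_frames = (uint8_t)m;
    size_t pos = 2, sum = 0;
    if (!vbr) {                                         /* CBR: payload must split evenly into M frames */
        size_t rem = size - pos, each = rem / (size_t)m;
        if (rem % (size_t)m != 0 || each > OPUS_MAX_FRAME_BYTES) return -4;
        for (int i = 0; i < m; i++) hdr->frame_len[i] = (uint16_t)each;
        return 0;
    }
    for (int i = 0; i < m - 1; i++) {                   /* VBR: M-1 explicit lengths, last one implied */
        int n = opus_read_length(pkt + pos, size - pos, &hdr->frame_len[i]);
        if (n < 0 || hdr->frame_len[i] > OPUS_MAX_FRAME_BYTES) return -4;
        pos += (size_t)n; sum += hdr->frame_len[i];
    }
    if (sum > size - pos) return -5;                    /* declared lengths exceed the remaining payload */
    size_t last = size - pos - sum;                     /* non-self-delimited: last frame gets the rest */
    if (last > OPUS_MAX_FRAME_BYTES) return -4;
    hdr->frame_len[m - 1] = (uint16_t)last;
    return 0;
}
```

A constructed two-frame VBR packet {0x03, 0x82, 0x03, ...five payload bytes} parses to frame lengths 3 and 2, while a frame-count byte of 0 or 63, a declared length longer than the payload, or a CBR payload that does not divide evenly into M frames is rejected before any table write.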
Affected Products (AI)
All versions of GPAC MP4Box (gpac/gpac) prior to fix commit ff8249a407685d00ceb5f4d2a798b9cad195140e are affected. The reporter confirmed the crash reproducible on the master branch at the time of discovery. No specific version range or CPE strings were enumerated in the available intelligence. Downstream packaged versions of GPAC in Linux distributions, and third-party media tools bundling libgpac, may also be affected if they include the vulnerable av_parsers.c code path. The upstream issue is tracked at https://github.com/gpac/gpac/issues/3161.
Remediation (AI)
The upstream fix is available as commit ff8249a407685d00ceb5f4d2a798b9cad195140e in the gpac/gpac GitHub repository; users should rebuild GPAC from a source tree containing this commit. A tagged or released patched version has not been independently confirmed from the available data; users should monitor the upstream releases page and the GitHub issue https://github.com/gpac/gpac/issues/3161 for an official release announcement. As a compensating control for automated pipelines, restrict MP4Box to processing only trusted, validated MP4 files and avoid invoking Opus track dump or XML inspection operations (e.g., the -dxml flag) on externally supplied content. Sandboxing MP4Box invocations (e.g., via seccomp, containers, or least-privilege service accounts) limits the blast radius to a process crash rather than broader system impact. Disabling Opus track processing specifically is not straightforwardly configurable via flags, but avoiding -dxml and related dump operations reduces exposure. Advisory references: https://seclists.org/oss-sec/2026/q2/915 and https://github.com/gpac/gpac/issues/3161.