CVE-2021-40941

In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4_Array<AP4_TrunAtom::Entry>::EnsureCapacity in Ap4Array.h:172, as demonstrated by GPAC. This can cause a denial of service (DOS).
References
Link Resource
https://github.com/axiomatic-systems/Bento4/issues/644 Exploit Third Party Advisory
https://github.com/axiomatic-systems/Bento4/issues/644 Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:axiosys:bento4:1.6.0-638:*:*:*:*:*:*:*

History

21 Nov 2024, 06:25

Type Values Removed Values Added
References () https://github.com/axiomatic-systems/Bento4/issues/644 - Exploit, Third Party Advisory () https://github.com/axiomatic-systems/Bento4/issues/644 - Exploit, Third Party Advisory

Information

Published : 2022-06-27 18:15

Updated : 2024-11-21 06:25


NVD link : CVE-2021-40941

Mitre link : CVE-2021-40941

CVE.ORG link : CVE-2021-40941


JSON object : View

Products Affected

axiosys

  • bento4
CWE
CWE-770

Allocation of Resources Without Limits or Throttling