CVE-2022-40775 An issue was discovered in Bento4 through 1.6.0-639

With certain table types, Bento4 will attempt to atomically update a record's data with a call to AP4_StszAtom::SetData(), but if there is an error, the record will not be updated. If an attacker is able to inject data into an AP4_StszAtom::SetData() call and the record's data type is one that does not support atomically updating the record's data, then a NULL pointer dereference will occur. This could lead to a denial of service attack and/or potentially arbitrary code execution.

A vulnerable installation of Bento4 can be exploited after an attacker modifies a database table to contain a piece of data that will cause a NULL pointer dereference during an attempt to atomically update the record's data. At the time of this advisory's publication, the example SQL injection payload is: Bento4 1.6.0-639 and older versions are vulnerable.

Bento4 through 1.6.0-639 are vulnerable. Bento5 is not vulnerable any longer.

Mitigation  

A patch has been released for Bento4 through 1.6.0-639. Users of these versions should upgrade to a fixed version.

End users of Bento4 through 1.6.0-639 can protect their installations against this issue by disabling AP4_StszAtom::SetData() completely.

Bento5 is not vulnerable any longer.


Bento5 is not vulnerable any longer.

Bento4 and Bento5 are types of databases and are vulnerable to this issue.

Timeline

Published on: 09/18/2022 19:15:00 UTC
Last modified on: 09/21/2022 14:39:00 UTC

References