This could lead to denial of service or possibly code execution.

Bento4 v1.6.0-638 was discovered to have a memory leak in the AP4_SD card class (AP4_SD::FreeMemory()) in mp42ts.

Bento4 v1.6.0-637 was discovered to have a memory leak in the AP4_File class (AP4_File::Unlock()) in mp42ts.

Bento4 v1.6.0-636 was discovered to have a stack overflow in the AP4_File class (AP4_File::ReadData()) in mp42ts.

Bento4 v1.6.0-635 was discovered to have a memory leak in the AP4_File class (AP4_File::Unlock()) in mp42ts.

Bento4 v1.6.0-634 was discovered to have a memory leak in the AP4_File class (AP4_File::Unlock()) in mp42ts.

Bento4 v1.6.0-633 was discovered to have a memory leak in the AP4_File class (AP4_File::Unlock()) in mp42ts.

Bento4 v1.6.0-632 was discovered to have a memory leak in the AP4_File class (AP4_File::Unlock

FAQ (Frequently asked questions)

What is the CVE-2022-43038?
CVE-2022-43038 is a vulnerability in Bento4 v1.6.0 to v1.6.0-634 which could lead to denial of service or possibly code execution.
Which versions of Bento4 are affected by this vulnerability?
Bento4 v1.6.0-633 and above are affected by the memory leak in AP4_File::Unlock().

Timeline

Published on: 10/19/2022 14:15:00 UTC
Last modified on: 10/21/2022 13:29:00 UTC

References