CVE-2022-43038 Bento4 v1.6.0-639 had a heap overflow in the mp42ts AP4_BitReader::ReadCache() function.
This could lead to denial of service or possibly code execution.
Bento4 v1.6.0-638 was discovered to have a memory leak in the AP4_SD card class (AP4_SD::FreeMemory()) in mp42ts.
Bento4 v1.6.0-637 was discovered to have a memory leak in the AP4_File class (AP4_File::Unlock()) in mp42ts.
Bento4 v1.6.0-636 was discovered to have a stack overflow in the AP4_File class (AP4_File::ReadData()) in mp42ts.
Bento4 v1.6.0-635 was discovered to have a memory leak in the AP4_File class (AP4_File::Unlock()) in mp42ts.
Bento4 v1.6.0-634 was discovered to have a memory leak in the AP4_File class (AP4_File::Unlock()) in mp42ts.
Bento4 v1.6.0-633 was discovered to have a memory leak in the AP4_File class (AP4_File::Unlock()) in mp42ts.
Bento4 v1.6.0-632 was discovered to have a memory leak in the AP4_File class (AP4_File::Unlock
FAQ (Frequently asked questions)
What is the CVE-2022-43038?
CVE-2022-43038 is a vulnerability in Bento4 v1.6.0 to v1.6.0-634 which could lead to denial of service or possibly code execution.
Which versions of Bento4 are affected by this vulnerability?
Bento4 v1.6.0-633 and above are affected by the memory leak in AP4_File::Unlock().
Timeline
Published on: 10/19/2022 14:15:00 UTC
Last modified on: 10/21/2022 13:29:00 UTC