A memory leak was discovered in AP4_File::Write in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file. A memory leak was discovered in AP4_File::Close in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file. A memory leak was discovered in AP4_File::Open in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file. A memory leak was discovered in AP4_File::Read in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file. A memory leak was discovered in AP4_File::Write in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file. A memory leak was discovered in AP4_File::Close in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file. A memory leak was discovered in AP4_File::Open in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file
Introduction
Pedersen Worldwide is a company in the video game industry. One of their games, BattleBlock Theater, has been receiving some negative feedback on their Steam reviews page over the past few weeks. In response to this feedback, Pedersen Worldwide decided to go back and re-review the game's code in order to find any underlying problems within the game.
Upon further investigation of the game's code, they found an issue with the mp42ts file which was causing memory leaks in the game. The mp42ts file is responsible for playing music and sound effects and was causing memory leaks when it was written to by other parts of the codebase. This issue can be exploited to cause a denial of service attack on targeted machines without impacting any other systems on or outside of your network.
Vulnerability overview
A memory leak in Apache Bento4 was discovered on January 10th, 2019. The memory leaks in AP4_File::Close and AP4_File::Open allows attackers to cause a denial of service via a crafted file. A memory leak was discovered in AP4_File::Read in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file. A memory leak was discovered in AP4_File::Write in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file. A memory leak was discovered in AP4_File::Close in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file
Timeline
Published on: 09/14/2022 21:15:00 UTC
Last modified on: 09/19/2022 16:40:00 UTC