UBUNTU-CVE-2025-55664

Details

A heap buffer overflow in the m2tsdmx_send_packet function (filters/dmx_m2ts.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.

Affected Packages

gpac

Ubuntu Pro 14.04 LTS

Affected versions:

0.5.0+svn4288~dfsg1-1ubuntu10.5.0+svn4288~dfsg1-40.5.0+svn4288~dfsg1-4ubuntu10.5.0+svn4288~dfsg1-4ubuntu1+esm10.5.0+svn4288~dfsg1-4ubuntu1+esm2

gpac

Ubuntu Pro 16.04 LTS

Affected versions:

0.5.2-426-gc5ad4e4+dfsg5-1build10.5.2-426-gc5ad4e4+dfsg5-1ubuntu0.10.5.2-426-gc5ad4e4+dfsg5-1ubuntu0.1+esm2

gpac

Ubuntu Pro 18.04 LTS

Affected versions:

0.5.2-426-gc5ad4e4+dfsg5-30.5.2-426-gc5ad4e4+dfsg5-3ubuntu0.10.5.2-426-gc5ad4e4+dfsg5-3ubuntu0.1+esm1

gpac

Ubuntu Pro 20.04 LTS

Affected versions:

0.5.2-426-gc5ad4e4+dfsg5-4ubuntu10.5.2-426-gc5ad4e4+dfsg5-50.5.2-426-gc5ad4e4+dfsg5-5ubuntu0.1~esm2

gpac

Ubuntu Pro 22.04 LTS

Affected versions:

1.0.1+dfsg1-41.0.1+dfsg1-52.0.0+dfsg1-22.0.0+dfsg1-2ubuntu0.1~esm2

gpac

Ubuntu Pro 24.04 LTS

Affected versions:

2.2.1+dfsg1-32.2.1+dfsg1-3.12.2.1+dfsg1-3.1build12.2.1+dfsg1-3.1build22.2.1+dfsg1-3.1ubuntu0.1~esm2

References

REPORT

http://www.openwall.com/lists/oss-security/2026/06/01/10

REPORT

https://github.com/gpac/gpac/commit/9bd6a72c9efc0513dfd33b87498afc7658dabd26

REPORT

https://github.com/gpac/gpac/issues/3310

REPORT

https://infosec.exchange/@sigdevel/116659245751279377

REPORT

https://ubuntu.com/security/CVE-2025-55664

REPORT

https://www.cve.org/CVERecord?id=CVE-2025-55664