CVE-2025-15667 | GPAC up to 2.5-DEV MP4Box src/isomedia/avc_ext.c gf_isom_nalu_sample_rewrite nalu_out_bs double free (Issue 3403)
A vulnerability classified as critical has been found in GPAC up to 2.5-DEV. This vulnerability affects the function gf_isom_nalu_sample_rewrite of the file src/isomedia/avc_ext.c of the component MP4Box. This manipulation of the argument nalu_out_bs causes double free.
This vulnerability is handled as CVE-2025-15667. It is possible to launch the attack on the local host. Additionally, an exploit exists.
To fix this issue, it is recommended to deploy a patch.VulDB Recent EntriesRead More