Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2022-43255
CVE-2022-43255:
NixOS vulnerability analysis and mitigation
Overview
GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a memory leak vulnerability in the component gf_odf_new_iod at odf/odf_code.c. The vulnerability was identified on October 11, 2022, affecting GPAC multimedia framework versions prior to 2.2.0 (GitHub Issue, NVD).
Technical details
The vulnerability is classified as a memory leak issue (CWE-401: Missing Release of Memory after Effective Lifetime) with a CVSS v3.1 Base Score of 5.5 MEDIUM (Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). The issue specifically occurs in the gf_odf_new_iod function located at odf/odf_code.c line 415 (NVD).
Impact
The memory leak vulnerability can lead to resource exhaustion and potential denial of service conditions, affecting the system's availability. The CVSS score indicates that while the vulnerability requires local access and user interaction, it can have a high impact on system availability (NVD).
Mitigation and workarounds
The vulnerability has been addressed in GPAC versions 2.2.0 and later. For Debian systems, the fix has been included in version 1.0.1+dfsg1-4+deb11u2 for the stable distribution (bullseye) (Debian Security).
Additional resources
Source: This report was generated using AI
Related NixOS vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management