GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in gf_isom_use_compact_size gpac/src/isomedia/isom_write.c:3403:3 in gpac/MP4Box.

A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products.

GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in ffdmx_parse_side_data /afltest/gpac/src/filters/ff_dmx.c:202:14 in gpac/MP4Box.

GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_isom_find_od_id_for_track /afltest/gpac/src/isomedia/media_odf.c:522:14.

In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

In sim service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed

In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

In faceid service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges

In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

In Ifaa service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

In Ifaa service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

In sim service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed