CVE-2023-38857
Description
Heap-buffer-overflow in faad2 2.10.1's stcoin function allows remote code execution and denial of service via crafted MP4 file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
A heap-buffer-overflow vulnerability exists in faad2 version 2.10.1 within the stcoin function in mp4read.c at line 449:63 [1]. The overflow occurs when parsing a crafted MP4 file; the stcoin function reads 4 bytes from a heap-allocated buffer that is only 8 bytes in size, resulting in a read beyond the allocated region [1]. The buffer is allocated by the stscin function during earlier parsing [1]. This vulnerability affects all versions prior to 2.11.0 [2].
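An added illustration, not faad2's code and not taken from the referenced issue: a constructed C model of the bug class described above, where one handler sizes a heap table and a later handler reads it using a separate file-supplied count. The names `track_t`, `table_alloc`, `table_sum_unchecked` and `table_sum_checked` are hypothetical, and the two-entry (8-byte) table is an assumption chosen to match the sizes in the report.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed model, NOT faad2 source: handler A sizes a heap table from one
 * file field, handler B later walks it using a different file field. */
typedef struct {
    uint32_t *map;     /* heap table owned by the track state */
    size_t    map_len; /* entries actually allocated (hypothetical field) */
} track_t;

/* Handler A: allocate `entries` 32-bit slots; the count is file-controlled. */
static int table_alloc(track_t *t, uint32_t entries)
{
    free(t->map);
    t->map = NULL;
    t->map_len = 0;
    if (entries == 0)
        return -1;
    t->map = calloc(entries, sizeof *t->map); /* calloc rejects size overflow */
    if (t->map == NULL)
        return -1;
    t->map_len = entries;
    return 0;
}

/* Handler B, unchecked: trusts `count` from the file. With an 8-byte table
 * (2 entries) and count == 3, map[2] is a 4-byte read past the allocation. */
static uint32_t table_sum_unchecked(const track_t *t, uint32_t count)
{
    uint32_t sum = 0;
    for (uint32_t i = 0; i < count; i++)
        sum += t->map[i];
    return sum;
}

/* Handler B, hardened: reject a count larger than what handler A allocated. */
static int table_sum_checked(const track_t *t, uint32_t count, uint32_t *out)
{
    if (t->map == NULL || count > t->map_len)
        return -1;
    *out = table_sum_unchecked(t, count); /* safe here: count <= map_len */
    return 0;
}

int main(void)
{
    track_t t = {0};
    uint32_t sum = 0;
    table_alloc(&t, 2); /* 2 * 4 = 8 bytes, the region size in the report */
    printf("count=3 rejected: %d\n", table_sum_checked(&t, 3, &sum) == -1);
    free(t.map);
    return 0;
}
```

Building the unchecked path with `-fsanitize=address` is how this class of out-of-bounds read is surfaced, which is the kind of trace the issue report [1] is based on.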
Exploitation
An attacker can exploit this vulnerability by supplying a specially crafted MP4 file to the faad2 decoder [1]. No authentication or special privileges are required; the attack can be performed remotely by enticing a user to process the malicious file. The parsing process triggers the overflow in the stcoin function during the handling of the MP4 atom structure, as demonstrated by the AddressSanitizer trace [1].
Impact
Successful exploitation allows a remote attacker to cause a heap-buffer-overflow, potentially leading to arbitrary code execution or a denial of service [1][2]. The vulnerability is classified as a buffer overflow with high severity, as it can compromise the confidentiality, integrity, and availability of the affected system.
Mitigation
The vulnerability is fixed in faad2 version 2.11.0 [2]. Users should upgrade to this version or later. There is no known workaround for this issue [2]. The Gentoo security advisory (GLSA 202401-13) recommends updating the media-libs/faad2 package to version 2.11.0 or higher [2].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- faad2/faad2
- Range: <=2.10.1
Patches
No patches discovered yet.
Vulnerability mechanics
Root cause
"A heap-buffer-overflow vulnerability exists in the stcoin function due to improper handling of input size."
Attack vector
A remote attacker can trigger this vulnerability by providing a specially crafted MP4 file to the faad2 application. The vulnerability is located in the `stcoin` function within `mp4read.c` [ref_id=1]. Processing this malicious file leads to a heap-buffer-overflow, potentially allowing arbitrary code execution or denial of service.
Affected code
The vulnerability resides in the `stcoin` function within the file `mp4read.c` at line 449:63 [ref_id=1]. This function is called during the parsing of MP4 files, specifically when processing coin-related data.
What the fix does
The patch is not available in the provided information. The advisory indicates a heap-buffer-overflow in `mp4read.c` at line 449:63 within the `stcoin` function [ref_id=1]. Remediation guidance is not specified.
Preconditions
- Input: A specially crafted MP4 file.
Generated on Jun 8, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- security.gentoo.org/glsa/202401-13 (mitre, vendor-advisory)
- github.com/knik0/faad2/issues/171 (mitre)