CVE-2025-60473 Overview
CVE-2025-60473 is a NULL pointer dereference vulnerability in the gf_filter_in_parent_chain function within src/filter_core/filter_pid.c of GPAC, the multimedia framework that powers the MP4Box utility. Versions prior to 26.02.0 fail to validate that a filter PID instance contains a valid pid member before dereferencing it during parent chain traversal. Attackers can trigger a crash by supplying a crafted media file to MP4Box, resulting in a Denial of Service (DoS) condition affecting media processing workflows.
Critical Impact
Processing a malicious file with a vulnerable MP4Box build aborts the process, disrupting automated transcoding pipelines, content delivery systems, and forensic analysis tools that rely on GPAC.
Affected Products
- GPAC Project / MP4Box versions before 26.02.0
- Applications and pipelines embedding the GPAC libgpac filter core
- Media processing services that ingest untrusted files using GPAC
Discovery Timeline
- 2026-06-25 - CVE-2025-60473 published to NVD
- 2026-06-25 - Last updated in NVD database
Technical Details for CVE-2025-60473
Vulnerability Analysis
The vulnerability resides in GPAC's filter graph traversal logic. The gf_filter_in_parent_chain function walks the input PIDs of a parent filter to determine connection relationships. Each iteration retrieves a GF_FilterPidInst structure from the parent's input_pids list and immediately accesses pidi->pid->filter without verifying that pidi->pid is non-NULL. When a crafted input file causes the filter graph to enter a transient state where a PID instance is detached or not yet bound, the dereference reads from a NULL address and crashes the process. The bug is classified as a NULL Pointer Dereference DoS condition.
Root Cause
The root cause is missing input validation on a pointer field of a structure retrieved from a dynamic list. GPAC trusts that every GF_FilterPidInst entry stored in parent->input_pids has a fully initialized pid field, which is not invariant during graph reconfiguration triggered by malformed media inputs.
Attack Vector
Exploitation requires an attacker to deliver a crafted file to a user or service that processes it with a vulnerable MP4Box build. No authentication or network access to the host is required when the file is supplied through normal media ingestion. The result is a process crash, not code execution. A public proof-of-concept file is available in the researcher's GitHub PoC Repository.
// Patch from src/filter_core/filter_pid.c - adds NULL check before dereference
}
for (i=0; i<parent->num_input_pids; i++) {
GF_FilterPidInst *pidi = gf_list_get(parent->input_pids, i);
- if (gf_filter_in_parent_chain(pidi->pid->filter, filter)) {
+ if (pidi->pid && gf_filter_in_parent_chain(pidi->pid->filter, filter)) {
gf_mx_v(parent->tasks_mx);
return GF_TRUE;
}
// Source: https://github.com/gpac/gpac/commit/b8d80b44718de10b101e1d7fc17c84d69feb092e
The patch introduces a short-circuit pidi->pid && check that prevents the recursive call when the PID pointer is NULL, eliminating the crash condition.
Detection Methods for CVE-2025-60473
Indicators of Compromise
- Unexpected MP4Box or gpac process termination with SIGSEGV shortly after ingesting a new media file
- Core dumps showing a faulting address near 0x0 inside gf_filter_in_parent_chain or filter_pid.c
- Repeated failures of automated transcoding jobs tied to specific user-supplied input files
Detection Strategies
- Inventory all hosts and container images running MP4Box or linking libgpac, and compare versions against 26.02.0
- Inspect application logs from media pipelines for abnormal exit codes from GPAC worker processes
- Hash known PoC artifacts referenced in the GitHub PoC Documentation and alert on matches at file ingestion boundaries
Monitoring Recommendations
- Monitor crash telemetry from media processing services and route segmentation faults to the SOC for triage
- Track GitHub Issue #3285 and the upstream commit feed for related filter graph fixes
- Alert on outbound process restarts that correlate with newly uploaded user content in customer-facing media platforms
How to Mitigate CVE-2025-60473
Immediate Actions Required
- Upgrade GPAC and MP4Box to version 26.02.0 or later on all systems
- Rebuild any internal tools or containers that statically link or vendor libgpac against the patched source
- Restrict MP4Box execution to sandboxed users or containers with resource limits and automatic restart policies
Patch Information
The fix is committed upstream as b8d80b4 in the GPAC repository. Review the GitHub Commit Update for the exact source change, which adds a NULL guard on pidi->pid before traversal. Distribution maintainers should backport this single-line change to packaged GPAC builds older than 26.02.0.
Workarounds
- Do not process untrusted media files with vulnerable MP4Box builds until the upgrade is applied
- Run MP4Box under a process supervisor that isolates crashes and prevents pipeline stalls
- Validate container formats with a stricter pre-parser before handing files to GPAC for full processing
# Verify installed GPAC version and upgrade where needed
MP4Box -version 2>&1 | head -n 1
# Build patched GPAC from source (Linux)
git clone https://github.com/gpac/gpac.git
cd gpac
git checkout v2.6.0 # or the tag matching 26.02.0 or later
./configure && make -j"$(nproc)" && sudo make install
# Confirm the fix is present in the installed binary
strings "$(command -v MP4Box)" | grep -i 'gpac' | head -n 5
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

