CVE-2022-1925

Published: 19/07/2022 Updated: 27/06/2023
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

DoS / potential heap overwrite in MKV demuxing using HEADERSTRIP decompression. An integer overflow in the gst_matroska_decompress_data function, in the matroskaparse element, causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can't be triggered there; however, the matroskaparse element has no size checks.
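
The size check this class of bug calls for, as an added example that is not GStreamer's code or its fix: header-strip decompression prepends the stripped header bytes to the stored payload, so the output length is the sum of two lengths. All function names are hypothetical, and the 32-bit length type and the sample lengths are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper, not GStreamer's code: returns 1 and stores the
 * output size if hdr_len + payload_len fits in 32 bits, else returns 0. */
static int headerstrip_out_size(uint32_t hdr_len, uint32_t payload_len,
                                uint32_t *out_size)
{
    if (payload_len > UINT32_MAX - hdr_len)
        return 0;               /* sum would wrap: reject the block */
    *out_size = hdr_len + payload_len;
    return 1;
}

/* What an unchecked 32-bit addition yields for the same inputs. */
static uint32_t unchecked_out_size(uint32_t hdr_len, uint32_t payload_len)
{
    return hdr_len + payload_len;   /* wraps modulo 2^32 */
}

/* Rebuild a header-stripped block: stripped header bytes, then payload.
 * Returns a malloc'd buffer (caller frees) or NULL on overflow/OOM. */
static uint8_t *headerstrip_restore(const uint8_t *hdr, uint32_t hdr_len,
                                    const uint8_t *payload, uint32_t payload_len,
                                    uint32_t *out_size)
{
    uint32_t total;
    uint8_t *out;
    if (!headerstrip_out_size(hdr_len, payload_len, &total))
        return NULL;            /* refuse before allocating or copying */
    out = malloc(total ? total : 1);
    if (out == NULL)
        return NULL;
    if (hdr_len) memcpy(out, hdr, hdr_len);
    if (payload_len) memcpy(out + hdr_len, payload, payload_len);
    *out_size = total;
    return out;
}

int main(void)
{
    uint32_t n = 0;
    /* Constructed lengths: 16 + (2^32 - 9) wraps to 7 if left unchecked. */
    printf("unchecked size: %u\n", (unsigned)unchecked_out_size(16, UINT32_MAX - 8));
    printf("checked accepts: %d\n", headerstrip_out_size(16, UINT32_MAX - 8, &n));
    return 0;
}
```

An allocation sized from the wrapped value would be far smaller than the bytes subsequently copied into it, which is why the check has to come before the allocation.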

Vulnerable Product

gstreamer project gstreamer

debian debian linux 10.0

debian debian linux 11.0

Vendor Advisories

Synopsis: Moderate: gstreamer1-plugins-good security update. Type/Severity: Security Advisory: Moderate. Topic: An update for gstreamer1-plugins-good is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has ...
Several security issues were fixed in GStreamer Plugins Good ...
Adam Doupe discovered multiple vulnerabilities in the GStreamer plugins to demux Matroska and AVI files which could result in denial of service or the execution of arbitrary code. For the stable distribution (bullseye), these problems have been fixed in version 1.18.4-2+deb11u1. We recommend that you upgrade your gst-plugins-good1.0 packages. For ...