Bug 2254587 (CVE-2023-40474, GStreamer-SA-2023-0006, ZDI-CAN-21660)
| Summary: | CVE-2023-40474 gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with uncompressed video | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Patrick Del Bello <pdelbell> |
| Component: | vulnerability | Assignee: | Product Security <prodsec-ir-bot> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | Keywords: | Security |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | gstreamer-plugins-bad 1.22.6 | Doc Type: | --- |
| Doc Text: |
A heap-buffer overflow flaw was found in the MXF file demuxer in the GStreamer Plugins Bad when handling malformed files with an uncompressed video. This issue requires user interaction with the library, and could allow a malicious user to cause an integer overflow before allocating the buffer, triggering a crash or code execution via heap manipulation, executing code in the context of the current process.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 2254564 | ||
|
Description
Patrick Del Bello
2023-12-14 17:46:27 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:2287 https://access.redhat.com/errata/RHSA-2024:2287 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:3060 https://access.redhat.com/errata/RHSA-2024:3060 |