Bug 2254588 (CVE-2023-40475, ZDI-CAN-21661)
Summary: | CVE-2023-40475 gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with AES3 audio | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Patrick Del Bello <pdelbell> |
Component: | vulnerability | Assignee: | Product Security <prodsec-ir-bot> |
Status: | NEW --- | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | ndegraef, saroy |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | gstreamer-plugins-bad 1.22.6 | Doc Type: | If docs needed, set a value |
Doc Text: |
A heap buffer overflow flaw was found in the MXF file, demuxer, in the GStreamer Plugins Bad when handling malformed files with AES3 audio. This issue requires user interaction with the library. It may allow a malicious user to cause an integer overflow before allocating the buffer, triggering a crash or code execution via heap manipulation, and executing code in the context of the current process.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | Type: | --- | |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 2254564 |
Description
Patrick Del Bello
2023-12-14 17:46:50 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:2287 https://access.redhat.com/errata/RHSA-2024:2287 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:3060 https://access.redhat.com/errata/RHSA-2024:3060 |