More information about this security flaw is available in the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=2367919 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
This affects gstreamer1-plugins-bad only and is fixed in 1.26.1. There's an upstream patch, too: https://gstreamer.freedesktop.org/security/sa-2025-0001.html
FEDORA-2025-2a36564bd2 (gstreamer1-plugins-bad-free-1.24.11-2.fc41) has been submitted as an update to Fedora 41. https://bodhi.fedoraproject.org/updates/FEDORA-2025-2a36564bd2
FEDORA-2025-2a36564bd2 (gstreamer1-plugins-bad-free-1.24.11-2.fc41) has been pushed to the Fedora 41 stable repository. If problem still persists, please make note of it in this bug report.