Heap-based buffer overflow in the AV1 codec parser when handling certain malformed streams before GStreamer 1.22.7. It is possible for a malicious third party to trigger a crash in the application, and possibly also effect code execution through heap manipulation.

References:
https://gstreamer.freedesktop.org/security/sa-2023-0009.html
https://www.zerodayinitiative.com/advisories/ZDI-CAN-22226

Upstream commit:
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/b76a801f57353b893c344025cac56413140fca6d
Created gstreamer1-plugins-bad-free tracking bugs for this issue:
Affects: fedora-all [bug 2250248]
Statement: A malicious third party has the potential to induce a crash in the application and may also impact code execution by manipulating the heap. Additionally, this vulnerability could lead to unauthorized access and compromise the security of the system. Red Hat Enterprise Linux 7 & 8 have gstreamer < 1.17, which does not have the av1 parser yet (does not have the vulnerable code), so RHEL-7 & RHEL-8 are not affected by this CVE.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 9.2 Extended Update Support
Via RHSA-2023:7792 https://access.redhat.com/errata/RHSA-2023:7792

This issue has been addressed in the following products:
Red Hat Enterprise Linux 9
Via RHSA-2023:7791 https://access.redhat.com/errata/RHSA-2023:7791

This issue has been addressed in the following products:
Red Hat Enterprise Linux 9.0 Extended Update Support
Via RHSA-2023:7873 https://access.redhat.com/errata/RHSA-2023:7873