2487612 – (CVE-2026-53702) CVE-2026-53702 gstreamer1-plugins-bad-free: GStreamer: Stack buffer overflow in H.265 buffering period SEI parser

Bug 2487612 (CVE-2026-53702) - CVE-2026-53702 gstreamer1-plugins-bad-free: GStreamer: Stack buffer overflow in H.265 buffering period SEI parser

Summary: CVE-2026-53702 gstreamer1-plugins-bad-free: GStreamer: Stack buffer overflow ...

Keywords:
Status:	NEW
Alias:	CVE-2026-53702
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2026-06-10 16:13 UTC by OSIDB Bzimport
Modified:	2026-06-11 16:05 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-06-10 16:13:02 UTC

GStreamer H.265 buffering period SEI parser stack buffer overflow. In gst_h265_parser_parse_buffering_period(), the CPB loop bound used cpb_cnt_minus1[i] instead of cpb_cnt_minus1[0], causing writes past the 32-element CPB arrays on the stack. Fixed in GStreamer 1.28.3 (MR !11334, commit 48c11b7b01). Reported via PSIRTSUPT-7239 by Tianshuo Han.

Note You need to log in before you can comment on or make changes to this bug.