security-advisories: sync with www module

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/9143>
This commit is contained in:
Tim-Philipp Müller 2025-05-30 00:46:52 +01:00
parent d5dfa3ef5e
commit 111c859d58
6 changed files with 295 additions and 0 deletions

View File

@ -0,0 +1,46 @@
# Security Advisory 2025-0001 (ZDI-CAN-26596, CVE-2025-3887)
<div class="vertical-table">
| | |
| ----------------- | ----------------------------------------- |
| Summary | Stack buffer-overflow in H.265 codec parser during slice header parsing |
| Date | 2025-04-24 18:00 |
| Affected Versions | GStreamer gst-plugins-bad 1.x < 1.26.1 |
| IDs | GStreamer-SA-2025-0001<br/>ZDI-CAN-26596<br/>CVE-2025-3887 |
</div>
## Details
Stack buffer-overflow in H.265 codec parser when handling malformed streams
before GStreamer 1.26.1.
## Impact
It is possible for a malicious third party to trigger stack buffer-overflows that
can result in a crash of the application.
## Solution
The gst-plugins-bad 1.26.1 release addresses the issue. People using older
branches of GStreamer should apply the patch and recompile.
## References
### The GStreamer project
- [https://gstreamer.freedesktop.org](https://gstreamer.freedesktop.org)
### CVE Database Entries
- [CVE-2025-3887](https://www.cve.org/CVERecord?id=CVE-2025-3887)
### GStreamer 1.26.1 release
- [Release Notes](/releases/1.26/#1.26.1)
- [GStreamer Plugins Bad 1.26.1](/src/gst-plugins-bad/gst-plugins-bad-1.26.1.tar.xz)
### Patches
- [Patch](https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8884.patch)

View File

@ -0,0 +1,48 @@
# Security Advisory 2025-0002 (CVE-2025-47807)
<div class="vertical-table">
| | |
| ----------------- | --- |
| Summary | NULL-pointer dereference in SubRip subtitle parser|
| Date | 2025-05-29 23:30 |
| Affected Versions | GStreamer gst-plugins-base < 1.26.2 |
| IDs | GStreamer-SA-2025-0002<br/>CVE-2025-47807 |
</div>
## Details
A NULL-pointer dereference in the SubRip subtitle parser that can cause crashes
for certain input files.
## Impact
It is possible for a malicious third party to trigger a NULL-pointer dereference
that can result in a crash of the application.
## Solution
The gst-plugins-base 1.26.2 release addresses the issue. People using older
branches of GStreamer should apply the patch and recompile.
## References
### The GStreamer project
- [https://gstreamer.freedesktop.org](https://gstreamer.freedesktop.org)
### CVE Database Entries
- [CVE-2025-47807](https://www.cve.org/CVERecord?id=CVE-2025-47807)
### GStreamer releases
#### 1.26 (current stable)
- [GStreamer 1.26.2 release notes](/releases/1.26/#1.26.2)
- [GStreamer Plugins Base 1.26.2](/src/gst-plugins-base/gst-plugins-base-1.26.2.tar.xz)
### Patches
- [Patch](https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/9132.patch) (3-in-1)

View File

@ -0,0 +1,48 @@
# Security Advisory 2025-0003 (CVE-2025-47808)
<div class="vertical-table">
| | |
| ----------------- | --- |
| Summary | NULL-pointer dereference in TMPlayer subtitle parser|
| Date | 2025-05-29 23:30 |
| Affected Versions | GStreamer gst-plugins-base < 1.26.2 |
| IDs | GStreamer-SA-2025-0003<br/>CVE-2025-47808 |
</div>
## Details
A NULL-pointer dereference in the TMPlayer subtitle parser that can cause crashes
for certain input files.
## Impact
It is possible for a malicious third party to trigger a NULL-pointer dereference
that can result in a crash of the application.
## Solution
The gst-plugins-base 1.26.2 release addresses the issue. People using older
branches of GStreamer should apply the patch and recompile.
## References
### The GStreamer project
- [https://gstreamer.freedesktop.org](https://gstreamer.freedesktop.org)
### CVE Database Entries
- [CVE-2025-47808](https://www.cve.org/CVERecord?id=CVE-2025-47808)
### GStreamer releases
#### 1.26 (current stable)
- [GStreamer 1.26.2 release notes](/releases/1.26/#1.26.2)
- [GStreamer Plugins Base 1.26.2](/src/gst-plugins-base/gst-plugins-base-1.26.2.tar.xz)
### Patches
- [Patch](https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/9132.patch) (3-in-1)

View File

@ -0,0 +1,56 @@
# Security Advisory 2025-0004 (CVE-2025-47219)
<div class="vertical-table">
| | |
| ----------------- | --- |
| Summary | Out-of-bounds read in MOV/MP4 demuxer|
| Date | 2025-05-29 23:30 |
| Affected Versions | GStreamer gst-plugins-good < 1.26.2 |
| IDs | GStreamer-SA-2025-0004<br/>CVE-2025-47219 |
</div>
## Details
An Out-of-bounds read in the MOV/MP4 demuxer that can cause crashes or
potentially information leaks for certain input files.
## Impact
It is possible for a malicious third party to trigger an Out-of-bounds read
that can result in a crash of the application or potentially information leaks.
## Solution
The gst-plugins-good 1.26.2 release addresses the issue.
People using older versions of GStreamer should either upgrade or apply the
minimal patch and recompile.
Note that the minimal patch is not included in the 1.26.2 release in that form
since this issue was solved independently [in a different way][MR-8929] as part
of a bigger refactoring that solved this and many other issues.
[MR-8929]: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8929
## References
### The GStreamer project
- [https://gstreamer.freedesktop.org](https://gstreamer.freedesktop.org)
### CVE Database Entries
- [CVE-2025-47219](https://www.cve.org/CVERecord?id=CVE-2025-47219)
### GStreamer releases
#### 1.26 (current stable)
- [GStreamer 1.26.2 release notes](/releases/1.26/#1.26.2)
- [GStreamer Plugins Good 1.26.2](/src/gst-plugins-good/gst-plugins-good-1.26.2.tar.xz)
### Patches
- [Patch for 1.26.1 and earlier versions](https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/9137.patch)

View File

@ -0,0 +1,49 @@
# Security Advisory 2025-0005 (CVE-2025-47183)
<div class="vertical-table">
| | |
| ----------------- | --- |
| Summary | Out-of-bounds read in MOV/MP4 demuxer|
| Date | 2025-05-29 23:30 |
| Affected Versions | GStreamer gst-plugins-good < 1.26.2 |
| IDs | GStreamer-SA-2025-0005<br/>CVE-2025-47183 |
</div>
## Details
An Out-of-bounds read in the MOV/MP4 demuxer that can cause crashes or
potentially information leaks for certain input files.
## Impact
It is possible for a malicious third party to trigger an Out-of-bounds read
that can result in a crash of the application or potentially information leaks.
## Solution
The gst-plugins-good 1.26.2 release addresses the issue. People using older
branches of GStreamer should apply the patch and recompile.
## References
### The GStreamer project
- [https://gstreamer.freedesktop.org](https://gstreamer.freedesktop.org)
### CVE Database Entries
- [CVE-2025-47183](https://www.cve.org/CVERecord?id=CVE-2025-47183)
### GStreamer releases
#### 1.26 (current stable)
- [GStreamer 1.26.2 release notes](/releases/1.26/#1.26.2)
- [GStreamer Plugins Good 1.26.2](/src/gst-plugins-good/gst-plugins-good-1.26.2.tar.xz)
### Patches
- [Patch](https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/9131.patch)

View File

@ -0,0 +1,48 @@
# Security Advisory 2025-0006 (CVE-2025-47806)
<div class="vertical-table">
| | |
| ----------------- | --- |
| Summary | Stack buffer overflow in SubRip subtitle parser|
| Date | 2025-05-29 23:30 |
| Affected Versions | GStreamer gst-plugins-base < 1.26.2 |
| IDs | GStreamer-SA-2025-0006<br/>CVE-2025-47806 |
</div>
## Details
A stack buffer overflow in the SubRip subtitle parser that can cause crashes for
certain input files.
## Impact
It is possible for a malicious third party to trigger a stack buffer overflow
that can result in a crash of the application.
## Solution
The gst-plugins-base 1.26.2 release addresses the issue. People using older
branches of GStreamer should apply the patch and recompile.
## References
### The GStreamer project
- [https://gstreamer.freedesktop.org](https://gstreamer.freedesktop.org)
### CVE Database Entries
- [CVE-2025-47806](https://www.cve.org/CVERecord?id=CVE-2025-47806)
### GStreamer releases
#### 1.26 (current stable)
- [GStreamer 1.26.2 release notes](/releases/1.26/#1.26.2)
- [GStreamer Plugins Base 1.26.2](/src/gst-plugins-base/gst-plugins-base-1.26.2.tar.xz)
### Patches
- [Patch](https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/9132.patch) (3-in-1)