Tim-Philipp Müller 111c859d58 security-advisories: sync with www module

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/9143>

2025-05-30 00:46:52 +01:00

1.3 KiB

Raw Permalink Blame History

Security Advisory 2025-0005 (CVE-2025-47183)


Summary	Out-of-bounds read in MOV/MP4 demuxer
Date	2025-05-29 23:30
Affected Versions	GStreamer gst-plugins-good < 1.26.2
IDs	GStreamer-SA-2025-0005 CVE-2025-47183

Details

An Out-of-bounds read in the MOV/MP4 demuxer that can cause crashes or potentially information leaks for certain input files.

Impact

It is possible for a malicious third party to trigger an Out-of-bounds read that can result in a crash of the application or potentially information leaks.

Solution

The gst-plugins-good 1.26.2 release addresses the issue. People using older branches of GStreamer should apply the patch and recompile.

1.3 KiB

Raw Permalink Blame History

Security Advisory 2025-0005 (CVE-2025-47183)

Details

Impact

Solution

References

The GStreamer project

CVE Database Entries

GStreamer releases

1.26 (current stable)

Patches

1.3 KiB Raw Permalink Blame History

Security Advisory 2025-0005 (CVE-2025-47183)

Details

Impact

Solution

References

The GStreamer project

CVE Database Entries

GStreamer releases

1.26 (current stable)

Patches

1.3 KiB

Raw Permalink Blame History