Linux Distros Unpatched Vulnerability : CVE-2023-37329

🗓️ 30 Aug 2025 00:00:00Reported by TenableType

Unpatched Linux GStreamer SRT parsing heap overflow enables remote code execution via unvalidated subtitle data.

Reporter	Title	Published	Views	Family All 81
AlpineLinux	CVE-2023-37329	3 May 202401:58	–	alpinelinux
AstraLinux	Astra Linux - уязвимость в gst-plugins-bad1.0	3 May 202623:59	–	astralinux
CNNVD	GStreamer gst-plugins-bad 安全漏洞	26 Jul 202300:00	–	cnnvd
CVE	CVE-2023-37329	3 May 202401:58	–	cve
Cvelist	CVE-2023-37329 GStreamer SRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability	3 May 202401:58	–	cvelist
Debian	[SECURITY] [DLA 3503-1] gst-plugins-bad1.0 security update	25 Jul 202317:07	–	debian
Debian CVE	CVE-2023-37329	3 May 202401:58	–	debiancve
Tenable Nessus	Debian dla-3503 : gir1.2-gst-plugins-bad-1.0 - security update	26 Jul 202300:00	–	nessus
Tenable Nessus	Debian DSA-5444-1 : gst-plugins-bad1.0 - security update	2 Jul 202300:00	–	nessus
Tenable Nessus	Fedora 38 : mingw-gstreamer1 / mingw-gstreamer1-plugins-bad-free / etc (2023-0984b63b23)	24 Dec 202300:00	–	nessus

Source	Link
ubuntu	www.ubuntu.com/security/CVE-2023-37329
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(259669);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/04/28");

  script_cve_id("CVE-2023-37329");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2023-37329");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - GStreamer SRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This
    vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer.
    Interaction with this library is required to exploit this vulnerability but attack vectors may vary
    depending on the implementation. The specific flaw exists within the parsing of SRT subtitle files. The
    issue results from the lack of proper validation of the length of user-supplied data prior to copying it
    to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the
    current process. Was ZDI-CAN-20968. (CVE-2023-37329)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2023-37329");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:U/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:U/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-37329");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/12/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/08/30");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gst-plugins-bad0.10");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gst-plugins-bad1.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025-2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
  script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
  script_require_ports("Host/OS/Ubuntu Linux-14.04");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Ubuntu Linux-14.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "14.04",
        "pkgs": [
          {"reference": "gst-plugins-bad0.10"},
          {"reference": "gst-plugins-bad1.0"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

28 Apr 2026 00:00Current

7.7High risk

Vulners AI Score7.7

CVSS 3.18.8

CVSS 38.8

EPSS0.063

SSVC