ROSA LABROSA-SA-2024-2462Advisory ROSA-SA-2024-2462
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
Software: gstreamer1.0-plugins-good 1.19.1
OS: ROSA-CHROME
package_evr_string: gstreamer1.0-plugins-good-1.19.1-4
CVE-ID: CVE-2022-2122
BDU-ID: 2022-06453
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the qtdemux_inflate function of the Gstreamer multimedia framework is caused by an integer overflow. Exploitation of the vulnerability could allow an attacker to impact the confidentiality, integrity and availability of protected information
CVE-STATUS: Resolved
CVE-REV: To close, run command: sudo dnf update gstreamer1.0-plugins-good
CVE-ID: CVE-2022-1923
BDU-ID: 2023-04783
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the Gstreamer multimedia framework is related to integer overflow. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service via a specially crafted file
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update gstreamer1.0-plugins-good
CVE-ID: CVE-2022-1925
BDU-ID: 2022-06448
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the gst_matroska_decompress_data function of the Gstreamer multimedia framework is caused by an integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run command: sudo dnf update gstreamer1.0-plugins-good
CVE-ID: CVE-2022-1924
BDU-ID: 2023-04784
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the Gstreamer multimedia framework is related to integer overflow. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service via a specially crafted file
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update gstreamer1.0-plugins-good
CVE-ID: CVE-2022-1922
BDU-ID: 2022-06462
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the gst_matroska_decompress_data function of the Gstreamer multimedia framework is caused by an integer overflow. Exploitation of the vulnerability could allow an attacker to impact the confidentiality, integrity and availability of protected information
CVE-STATUS: Resolved
CVE-REV: To close, run command: sudo dnf update gstreamer1.0-plugins-good
CVE-ID: CVE-2022-1921
BDU-ID: 2022-06449
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the gst_avi_demux_invert function of the Gstreamer multimedia framework is caused by an integer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update gstreamer1.0-plugins-good
CVE-ID: CVE-2022-1920
BDU-ID: 2022-06450
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the gst_matroska_demux_add_wvpk_header function of the Gstreamer multimedia framework is caused by an integer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update gstreamer1.0-plugins-good
Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High