Astra Linux - уязвимость в gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. An integer underflow was detected in the extractccfromdata function within qtdemux.c. In the FOURCCc708 case, the subtraction of atomlength - 8 may result in an underflow if atomlength is less than 8. When this subtracti...

PT-2026-38834

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extract cc from data function within qtdemux.c. In the FOURCC c708 case, the subtraction atom length - 8 may result in an underflow if atom length is less than 8. When that...

BIT-JAVA-MIN-2024-47546 GHSL-2024-243: GStreamer has an integer underflow in extract_cc_from_data leading to OOB-read

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extractccfromdata function within qtdemux.c. In the FOURCCc708 case, the subtraction atomlength - 8 may result in an underflow if atomlength is less than 8. When that subtraction...

BIT-JAVA-2024-47596 GHSL-2024-244: GStreamer has an OOB-read in FOURCC_SMI_ parsing

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in the qtdemuxparsesvq3stsddata function within qtdemux.c. In the FOURCCSMI case, seqhsize is read from the input file without proper validation. If seqhsize is greater than the remaining...

PT-2026-37814

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in the qtdemux parse svq3 stsd data function within qtdemux.c. In the FOURCC SMI case, seqh size is read from the input file without proper validation. If seqh size is greater than the...

RLSA-2025:7242 Moderate: gstreamer1-plugins-good security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fixes: gstreamer1-plugins-good: OOB-read in...

Linux Distros Unpatched Vulnerability : CVE-2021-21835

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A speciall...

Linux Distros Unpatched Vulnerability : CVE-2021-21862

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple exploitable integer truncation vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A...

Linux Distros Unpatched Vulnerability : CVE-2021-21859

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. The...

Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issues: CVE-2024-47540: Fixed an uninitialized stack memory in Matroska/WebM demuxer. boo1234421 CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. boo1234414 CVE-2024-47543: Fixed an out-of-bounds write in...

gstreamer1-plugins-good: OOB-read in FOURCC_SMI_ parsing

A flaw was found in the GStreamer library. An integer underflow due to missing size checks in the MP4/MOV demuxer can lead to out-of-bounds reads and cause crashes for certain input files. This issue can allow a malicious actor to trigger a crash of the application...

Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issues: CVE-2024-47530: Fixed an uninitialized stack memory in Matroska/WebM demuxer. boo1234421 CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. boo1234414 CVE-2024-47543: Fixed an out-of-bounds write in...

AZL-62408 CVE-2024-47546 affecting package gstreamer1 1.20.0-2

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extractccfromdata function within qtdemux.c. In the FOURCCc708 case, the subtraction atomlength - 8 may result in an underflow if atomlength is less than 8. When that subtraction...

UBUNTU-CVE-2024-47546

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extractccfromdata function within qtdemux.c. In the FOURCCc708 case, the subtraction atomlength - 8 may result in an underflow if atomlength is less than 8. When that subtraction...

Denial Of Service (DoS)

gpac:bullseye is vulnerable to denial of service. An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. The striboxread function is used when processing atoms using the 'stri' FOURCC code. An attacke...

CVE-2021-21850

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when the library encounters an atom using the “trun” FOURCC code due to unchecked...

DEBIAN-CVE-2021-21836

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input using the “ctts” FOURCC code can cause an integer overflow due to unchecked arithmetic resulting in a heap-based...

Integer overflow

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when processing an atom using the 'ssix' FOURCC code, due to unchecked arithmetic...

CVE-2021-21834

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when decoding the atom for the “co64” FOURCC can cause an integer overflow due to unchecked arithmetic resulting i...

CVE-2021-21842

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when processing an atom using the 'ssix' FOURCC code, due to unchecked arithmetic...