The vulnerability of the gst_matroska_decompress_data function in the Gstreamer multimedia framework, which allows a hacker to cause a service failure

The vulnerability of the gstmatroskadecompressdata function in the Gstreamer multimedia framework is caused by a numerical overflow. Exploiting this vulnerability can allow an attacker to cause a service failure...

Integer overflow

DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gstmatroskadecompressdata function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can't be triggered, however t...

CVE-2022-1925

CVE-2022-1925 affects the GStreamer gst-plugins-good package, specifically the mkv demuxer path. The issue is a heap overflow arising from the matroska demuxing flow: the matroskaparse element lacks size checks in gst_matroska_decompress_data, while the matroskademux path imposes chunk-size restr...

CVE-2022-1925

DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gstmatroskadecompressdata function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can't be triggered, however t...

GStreamer 输入验证错误漏洞

GStreamer is a set of frameworks for processing streaming media. An input validation error vulnerability exists in GStreamer version 1.16.2, which is caused by an integer overflow when zlib decodes gstmatroskadecompressdata encoded data, and can be exploited by an attacker to cause a system crash...