gstreamer-plugins-bad-free: Use after free in gst_mini_object_unref / gst_tag_list_unref / gst_mxf_demux_update_essence_tracks

Multiple use-after-free vulnerabilities in the 1 gstminiobjectunref, 2 gsttaglistunref, and 3 gstmxfdemuxupdateessencetracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service crash via vectors involving stream tags, as demonstrated by 02785736.mxf...

SUSE-SU-2017:0962-1 Security update for gstreamer-plugins-bad

This update for gstreamer-plugins-bad fixes the following issues: Security issues fixed: - CVE-2017-5843: set stream tags to NULL after unrefing bsc1024044. - CVE-2017-5848: rewrite PSM parsing to add bounds checking bsc1024068...

CVE-2017-5843

Multiple use-after-free vulnerabilities in the 1 gstminiobjectunref, 2 gsttaglistunref, and 3 gstmxfdemuxupdateessencetracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service crash via vectors involving stream tags, as demonstrated by 02785736.mxf...

DEBIAN-CVE-2017-5843

Multiple use-after-free vulnerabilities in the 1 gstminiobjectunref, 2 gsttaglistunref, and 3 gstmxfdemuxupdateessencetracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service crash via vectors involving stream tags, as demonstrated by 02785736.mxf...

Design/Logic Flaw

Multiple use-after-free vulnerabilities in the 1 gstminiobjectunref, 2 gsttaglistunref, and 3 gstmxfdemuxupdateessencetracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service crash via vectors involving stream tags, as demonstrated by 02785736.mxf...

CVE-2017-5843

Multiple use-after-free vulnerabilities in the 1 gstminiobjectunref, 2 gsttaglistunref, and 3 gstmxfdemuxupdateessencetracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service crash via vectors involving stream tags, as demonstrated by 02785736.mxf...

UBUNTU-CVE-2017-5843

Multiple use-after-free vulnerabilities in the 1 gstminiobjectunref, 2 gsttaglistunref, and 3 gstmxfdemuxupdateessencetracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service crash via vectors involving stream tags, as demonstrated by 02785736.mxf...

CVE-2017-5843

Multiple use-after-free vulnerabilities in the 1 gstminiobjectunref, 2 gsttaglistunref, and 3 gstmxfdemuxupdateessencetracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service crash via vectors involving stream tags, as demonstrated by 02785736.mxf...

CVE-2017-5843

Multiple use-after-free vulnerabilities in the 1 gstminiobjectunref, 2 gsttaglistunref, and 3 gstmxfdemuxupdateessencetracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service crash via vectors involving stream tags, as demonstrated by 02785736.mxf...

CVE-2017-5843

Multiple use-after-free vulnerabilities in the 1 gstminiobjectunref, 2 gsttaglistunref, and 3 gstmxfdemuxupdateessencetracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service crash via vectors involving stream tags, as demonstrated by 02785736.mxf...