CVE-2022-1921

Опубликовано: 19 июл. 2022

Источник: debian

EPSS Низкий

Описание

Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gst-plugins-good1.0	fixed	1.20.3-1		package

Примечания

https://gstreamer.freedesktop.org/security/sa-2022-0001.html
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1224
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/f503caad676971933dc0b52c4b313e5ef0d6dbb0
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/0d9ce6c9412006c7bf2aefd1992e7d6ba16e93b7 (1.20.3)

EPSS

Процентиль: 8%

0.00034

Низкий

Связанные уязвимости

CVE-2022-1921

CVSS3: 7.8

ubuntu

почти 3 года назад

Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite.

CVE-2022-1921

CVSS3: 7.8

redhat

около 3 лет назад

Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite.

CVE-2022-1921

CVSS3: 7.8

nvd

почти 3 года назад

Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite.

GHSA-9427-ppcj-49fw

CVSS3: 7.8

github

почти 3 года назад

Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite.

BDU:2022-06449

CVSS3: 7.8

fstec

почти 3 года назад

Уязвимость функции gst_avi_demux_invert мультимедийного фреймворка Gstreamer, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 8%

0.00034

Низкий