Описание
GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
The specific flaw exists within the parsing of MDPR chunks. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21443.
A flaw was found in GStreamer. Due to a lack of proper validation of user-supplied data, an integer overflow can be triggered when parsing MDPR chunks. In certain configurations, this flaw allows a remote attacker to execute arbitrary code in the context of the current process.
Отчет
This vulnerability marked as an Important severity rather than Moderate due to its potential impact and exploitation ease. The flaw involves an integer overflow during the parsing of MDPR chunks in RealMedia files, leading to improper memory allocation. This allows an attacker to craft a malicious file that can execute arbitrary code in the context of the vulnerable process. Given that GStreamer is widely used across various applications for media processing, the attack surface is substantial. Additionally, the vulnerability provides remote code execution capabilities, which is a critical security threat as it can lead to full system compromise, especially when executed with elevated privileges or in widely deployed systems. Red Hat Enteprise Linux 7 and 8 have the realmedia plugin is disabled by default, hence not affected by this vulnerability. Red Hat Enteprise Linux 9 includes realmedia plugin from 9.6 and above which already includes a fix for this vulnerability.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | gstreamer1-plugins-ugly-free | Not affected | ||
| Red Hat Enterprise Linux 7 | gstreamer1-plugins-ugly-free | Not affected | ||
| Red Hat Enterprise Linux 8 | gstreamer1-plugins-ugly-free | Not affected | ||
| Red Hat Enterprise Linux 9 | gstreamer1-plugins-ugly-free | Not affected |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
8.8 High
CVSS3
Связанные уязвимости
GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MDPR chunks. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21443.
GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MDPR chunks. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21443.
GStreamer RealMedia File Parsing Integer Overflow Remote Code Executio ...
GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MDPR chunks. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21443.
EPSS
8.8 High
CVSS3