CVE-2022-1923Heap-based Buffer Overflow in Gstreamer

CWE-122Heap-based Buffer OverflowCWE-190Integer Overflow or WraparoundCWE-787Out-of-bounds Write7 documents6 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 87.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
GstreamerDebian Gst-plugins-good1.0Debian Linux
Timeline
PublishedJul 19
Latest updateAug 8

Description

DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

NVDgstreamer/gstreamer< 1.20.3
debiandebian/gst-plugins-good1.0< gst-plugins-good1.0 1.20.3-1 (bookworm)
CVEListV5gstreamer/gstreamer1.20.3

Also affects: Debian Linux 10.0, 11.0

Patches

Patch: gitlab.freedesktop.orgPatch: gitlab.freedesktop.org

🔴Vulnerability Details

3
OSV
gst-plugins-good1.0 vulnerabilities2022-08-08
GHSA
GHSA-j6v3-2c6w-pwpm: DOS / potential heap overwrite in mkv demuxing using bzip decompression2022-07-20
OSV
CVE-2022-1923: DOS / potential heap overwrite in mkv demuxing using bzip decompression2022-07-19

📋Vendor Advisories

3
Ubuntu
GStreamer Good Plugins vulnerabilities2022-08-08
Red Hat
gstreamer-plugins-good: Potential heap overwrite in mkv demuxing using bz2 decompression2022-05-18
Debian
CVE-2022-1923: gst-plugins-good1.0 - DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer...2022
CVE-2022-1923 — Heap-based Buffer Overflow in Gstreamer | cvebase