CVE-2023-37328
Published 2024-05-03
CVE-2023-37328: GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code…
Priority P258 · high · 8.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 1.81% (75.9th percentile)
GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
The specific flaw exists within the parsing of PGS subtitle files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
Was ZDI-CAN-20994.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gst-plugins-base1.0 | < gst-plugins-base1.0 1.22.0-3+deb12u1 (bookworm) | gst-plugins-base1.0 1.22.0-3+deb12u1 (bookworm) |
| gstreamer | gstreamer | < 1.20.7 | 1.20.7 |
| gstreamer | gstreamer | — | — |
| gstreamer | gstreamer | >= 1.22.0 < 1.22.4 | 1.22.4 |
Detection & IOCs
- The vulnerability exists in the parsing of PGS subtitle files within GStreamer's subparse subtitle parser — monitor for processing of PGS subtitle files by GStreamer-based applications
- Attack vector is a specially crafted PGS or SRT subtitle file delivered to a GStreamer-based application — flag suspicious subtitle file opens in media players or applications using gstreamer1-plugins-base / gstreamer-plugins-base
- Heap-based buffer overflow in the subparse subtitle parser of GStreamer — look for heap corruption signals (crashes, abnormal memory usage) in processes loading subtitle files via gstreamer-plugins-base
- Fixed versions vary by distribution — ensure gstreamer-plugins-base is patched to the appropriate version for the target platform before closing findings
- Attack vectors may vary depending on the implementation — any application that uses the GStreamer library to process subtitle files is potentially in scope, not just dedicated media players
CVSS provenance
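| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v3.0 | 8.8 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| osv | — | 8.8 | HIGH | — |
| vendor_debian | — | 8.8 | HIGH | — |
| vendor_redhat | — | 8.8 | HIGH | — |
| vendor_ubuntu | — | 8.8 | HIGH | — |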
Ubuntu
GStreamer Base Plugins vulnerabilities
vendor_ubuntu·2025-10-07·CVSS 8.8
CVE-2024-47607 [HIGH] GStreamer Base Plugins vulnerabilities
Title: GStreamer Base Plugins vulnerabilities
Summary: Several security issues were fixed in GStreamer Base Plugins.
Michael Randrianantenaina discovered that GStreamer Base Plugins did not
correctly handle certain integer operations. An attacker could possibly
use this issue to execute arbitrary code. (CVE-2023-37327, CVE-2024-4453)
Michael Randrianantenaina discovered that GStreamer Base Plugins did not
correctly handle certain memory operations. An attacker could possibly
use this issue to execute arbitrary code. This issue only affected
Ubuntu 18.04 LTS. (CVE-2023-37328)
Antonio Morales discovered that GStreamer Base Plugins did not correctly
handle certain memory operations. An attacker could possibly use this
issue to execute arbitrary code. (CVE-2024-47538)
Antonio Morales disc
Ubuntu
GStreamer Base Plugins vulnerabilities
vendor_ubuntu·2023-08-02·CVSS 8.8
CVE-2023-37328 [HIGH] GStreamer Base Plugins vulnerabilities
Title: GStreamer Base Plugins vulnerabilities
Summary: GStreamer Base Plugins could be made to crash or run programs if it opened
a specially crafted file.
It was discovered that GStreamer Base Plugins incorrectly handled certain
FLAC image tags. A remote attacker could use this issue to cause GStreamer
Base Plugins to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2023-37327)
It was discovered that GStreamer Base Plugins incorrectly handled certain
subtitles. A remote attacker could use this issue to cause GStreamer Base
Plugins to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2023-37328)
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
gstreamer-plugins-base: heap overwrite in subtitle parsing
vendor_redhat·2023-07-05·CVSS 8.8
CVE-2023-37328 [HIGH] CWE-122 gstreamer-plugins-base: heap overwrite in subtitle parsing
gstreamer-plugins-base: heap overwrite in subtitle parsing
GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
The specific flaw exists within the parsing of PGS subtitle files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
Was ZDI-CAN-20994.
A heap-based buffer overflow was found in the subparse subtitle parser of GStreamer wh
Debian
CVE-2023-37328: gst-plugins-base1.0 - GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vuln...
vendor_debian·2023·CVSS 8.8
CVE-2023-37328 [HIGH] CVE-2023-37328: gst-plugins-base1.0 - GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vuln...
GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of PGS subtitle files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20994.
Scope: local
bookworm: resolved (fixed in 1.22.0-3+deb12u1)
bullseye: resolved (fixed in 1.18.4-2+deb11u1)
forky: resolved (fixed in 1.22.4-1)
sid:
OSV
gst-plugins-base1.0 vulnerabilities
osv·2025-10-07·CVSS 8.8
CVE-2023-37327 [HIGH] gst-plugins-base1.0 vulnerabilities
gst-plugins-base1.0 vulnerabilities
Michael Randrianantenaina discovered that GStreamer Base Plugins did not
correctly handle certain integer operations. An attacker could possibly
use this issue to execute arbitrary code. (CVE-2023-37327, CVE-2024-4453)
Michael Randrianantenaina discovered that GStreamer Base Plugins did not
correctly handle certain memory operations. An attacker could possibly
use this issue to execute arbitrary code. This issue only affected
Ubuntu 18.04 LTS. (CVE-2023-37328)
Antonio Morales discovered that GStreamer Base Plugins did not correctly
handle certain memory operations. An attacker could possibly use this
issue to execute arbitrary code. (CVE-2024-47538)
Antonio Morales discovered that GStreamer Base Plugins did not correctly
handle parsing certain inputs
GHSA
GHSA-cvqg-h5hx-c2m4: GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ghsa_unreviewed·2024-05-03
CVE-2023-37328 [HIGH] CWE-122 GHSA-cvqg-h5hx-c2m4: GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
The specific flaw exists within the parsing of PGS subtitle files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20994.
OSV
CVE-2023-37328: GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
osv·2024-05-03·CVSS 8.8
CVE-2023-37328 [HIGH] CVE-2023-37328: GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of PGS subtitle files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20994.
OSV
gst-plugins-base1.0 vulnerabilities
osv·2023-08-02·CVSS 8.8
CVE-2023-37327 [HIGH] gst-plugins-base1.0 vulnerabilities
gst-plugins-base1.0 vulnerabilities
It was discovered that GStreamer Base Plugins incorrectly handled certain
FLAC image tags. A remote attacker could use this issue to cause GStreamer
Base Plugins to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2023-37327)
It was discovered that GStreamer Base Plugins incorrectly handled certain
subtitles. A remote attacker could use this issue to cause GStreamer Base
Plugins to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2023-37328)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
- https://gstreamer.freedesktop.org/security/sa-2023-0003.html
- https://www.zerodayinitiative.com/advisories/ZDI-23-901/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/IGQEFZ6ZB3C2XU4JQD3IAFMQIN456W2D/
Published: 2024-05-03