CVE-2023-44429
published 2024-05-03
CVE-2023-44429: GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary…
Priority: P259 · high · 8.8 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:R / S:U / C:H / I:H / A:H
EPSS: 2.19% (80.2th percentile)
GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
The specific flaw exists within the parsing of AV1 encoded video files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22226.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gst-plugins-bad1.0 | < gst-plugins-bad1.0 1.22.0-4+deb12u3 (bookworm) | gst-plugins-bad1.0 1.22.0-4+deb12u3 (bookworm) |
| gstreamer | gstreamer | < 1.22.7 | 1.22.7 |
| gstreamer | gstreamer | — | — |
Detection & IOCs (extracted from sources)
- The vulnerability exists in AV1 encoded video file parsing within GStreamer's AV1 codec parser; monitor for processing of malformed AV1 video streams that trigger heap-based buffer overflow conditions.
- Target process is the application loading GStreamer's AV1 codec parser library (gstreamer1-plugins-bad-free / gstreamer-plugins-bad-free); monitor for unexpected crashes or heap corruption in processes using this library when handling AV1 media.
- GStreamer versions >= 1.17 introduced the AV1 parser and are vulnerable; versions < 1.17 do not contain the vulnerable code path. Use version detection to identify exposed hosts.
- A malicious third party could deliver a crafted AV1 stream to trigger crash and potential heap manipulation for code execution; inspect AV1 media files/streams delivered from untrusted sources.
- Attack vectors vary depending on the implementation: any application that uses GStreamer to process AV1 video (e.g., media players, video conferencing, browsers with GStreamer backend) is potentially exposed.
- Fixed versions are: Debian bookworm 1.22.0-4+deb12u3, bullseye 1.18.4-3+deb11u3, sid/trixie/forky 1.22.7-1. Patch status should be verified against these baselines.
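CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v3.0 | 8.8 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| osv | | 8.8 | HIGH | |
| vendor_debian | | 8.8 | HIGH | |
| vendor_redhat | | 8.8 | HIGH | |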
Ubuntu
GStreamer Bad Plugins vulnerabilities
vendor_ubuntu·2023-11-29
CVE-2023-40476 GStreamer Bad Plugins vulnerabilities
Title: GStreamer Bad Plugins vulnerabilities
Summary: Several security issues were fixed in GStreamer Bad Plugins.
It was discovered that GStreamer Bad Plugins incorrectly handled certain
media files. A remote attacker could use this issue to cause GStreamer
Bad Plugins to crash, resulting in a denial of service, or possibly
execute arbitrary code.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
gstreamer: AV1 codec parser heap-based buffer overflow
vendor_redhat·2023-11-13·CVSS 8.8
CVE-2023-44429 [HIGH] CWE-122 gstreamer: AV1 codec parser heap-based buffer overflow
A heap-based buffer overflow vulnerability was found in GStreamer in the
Debian
CVE-2023-44429: gst-plugins-bad1.0 - GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vul...
vendor_debian·2023·CVSS 8.8
CVE-2023-44429 [HIGH] CVE-2023-44429: gst-plugins-bad1.0 - GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vul...
Scope: local
bookworm: resolved (fixed in 1.22.0-4+deb12u3)
bullseye: resolved (fixed in 1.18.4-3+deb11u3)
forky: resolved (fixed
OSV
CVE-2023-44429: GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
osv·2024-05-03·CVSS 8.8
CVE-2023-44429 [HIGH] CVE-2023-44429: GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
GHSA
GHSA-6f7w-hx2c-cxpj: GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ghsa_unreviewed·2024-05-03
CVE-2023-44429 [HIGH] CWE-122 GHSA-6f7w-hx2c-cxpj: GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2024-05-03