|
|
Subscribe / Log in / New account

gst-plugins-bad: two vulnerabilities

Package(s):gst-plugins-bad CVE #(s):CVE-2017-5843 CVE-2017-5848
Created:February 6, 2017 Updated:February 21, 2017
Description: From the Arch Linux advisory:

- CVE-2017-5843 (arbitrary code execution): A double-free issue has been found in gstreamer before 1.10.3, in gst_mxf_demux_update_essence_tracks.

- CVE-2017-5848 (denial of service): An out-of-bounds read has been found in gstreamer before 1.10.3, in gst_ps_demux_parse_psm.

Alerts:
Fedora FEDORA-2017-216f4b9f9d mingw-gstreamer1-plugins-bad-free 2017-02-20
Debian-LTS DLA-830-1 gst-plugins-bad0.10 2017-02-18
Arch Linux ASA-201702-5 gst-plugins-bad 2017-02-05

to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds