Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 39: FEDORA-2023-7b5c843d27 Urgent: GStreamer Memory Exploit

fedora
Calendar Grey November 19, 2023
Dist Fedora Esm H88
The release of GStreamer 1.22.7 for Fedora 39 mitigates buffer overflow vulnerabilities and improves video performance capabilities.
1.22.7

Summary

A collection of GStreamer plugins to let you make use of VA API video

acceleration from GStreamer applications.

Includes elements for video decoding, display, encoding and post-processing

using VA API (subject to hardware limitations).

Update Information:

1.22.7

Topics%20covered

Topics Covered

security advisory buffer overflow software update Fedora urgent gstreamer video acceleration

Change Log

* Tue Nov 14 2023 Gwyn Ciesla - 1.22.7-1 - 1.22.7 * Tue Sep 26 2023 Nicolas Chauvet - 1.22.6-1 - Update to 1.22.6

References


[ 1 ] Bug #2250248 - CVE-2023-44429 gstreamer1-plugins-bad-free: gstreamer: AV1 codec parser buffer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2250248 [ 2 ] Bug #2250250 - CVE-2023-44446 gstreamer1-plugins-bad-free: gstreamer: MXF demuxer use-after-free vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2250250

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-6a4aea6d13' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: gstreamer1-vaapi
Product: Fedora 39
Version: 1.22.7
Release: 1.fc39
URL:
Summary: GStreamer plugins to use VA API video acceleration

Topics%20covered

Topics Covered

security advisory buffer overflow software update Fedora urgent gstreamer video acceleration

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here