Fedora 42 Update for mingw-gstreamer1-plugins-bad Resolves Major Code Flaws

fedora

April 5, 2026

Update to gstreamer-1.26.11.

Summary

GStreamer is a streaming media framework, based on graphs of elements which

operate on media data.

This package contains plug-ins that aren't tested

well enough, or the code is not of good enough quality.

Update Information:

Update to gstreamer-1.26.11.

Topics Covered

security advisory fedora update arbitrary code execution remote execution GStreamer

Change Log

* Fri Mar 27 2026 Sandro Mani - 1.26.11-1 - Update to 1.26.11

References

[ 1 ] Bug #2447936 - CVE-2026-2920 mingw-gstreamer1: GStreamer: Arbitrary code execution via ASF file processing [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2447936 [ 2 ] Bug #2448013 - CVE-2026-3084 mingw-gstreamer1: GStreamer: Remote Code Execution via integer underflow in H.266 Codec Parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448013 [ 3 ] Bug #2448019 - CVE-2026-2922 mingw-gstreamer1: GStreamer: Remote Code Execution via out-of-bounds write in RealMedia Demuxer [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448019 [ 4 ] Bug #2448020 - CVE-2026-2921 mingw-gstreamer1: GStreamer: Arbitrary code execution via RIFF palette integer overflow in AVI file handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448020 [ 5 ] Bug #2448021 - CVE-2026-2923 mingw-gstreamer1: GStreamer: Remote Code Execution via out-of-bounds write in DVB Subtitles handling [fedora-all] https://bug...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-3cc99e7d09' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity

critical

Lowest

Low

Medium

High

Critical

Name: mingw-gstreamer1-plugins-bad-free

Product: Fedora 42

Version: 1.26.11

Release: 1.fc42

URL: http://gstreamer.freedesktop.org/

Summary: Cross compiled GStreamer1 plug-ins "bad"

Topics Covered

security advisory fedora update arbitrary code execution remote execution GStreamer

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 42 Update for mingw-gstreamer1-plugins-bad Resolves Major Code Flaws

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 42 Update for mingw-gstreamer1-plugins-bad Resolves Major Code Flaws

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!