Mageia 7: 2021-0079 Critical: Gstreamer Code Execution Risk
mageia
February 10, 2021
A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corrupt...
Summary
A flaw was found in the gstreamer h264 component of gst-plugins-bad before
v1.18.1 where when parsing a h264 header, an attacker could cause the stack to
be smashed, memory corruption and possibly code execution. (CVE-2021-3185).
References
- https://bugs.mageia.org/show_bug.cgi?id=28174
- https://lists.debian.org/debian-security-announce/2021/msg00012.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1917192
- https://seclists.org/oss-sec/2021/q1/59
- https://www.cve.org/CVERecord?id=CVE-2021-3185
Resolution
SRPMS
- 7/core/gstreamer1.0-plugins-bad-1.16.0-1.1.mga7
- 7/tainted/gstreamer1.0-plugins-bad-1.16.0-1.1.mga7.tainted
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Publication date: 10 Feb 2021
URL: https://advisories.mageia.org/MGASA-2021-0079.html
Type: security
CVE: CVE-2021-3185
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!