openSUSE Leap 15.5: Moderate Buffer Overflow Vulnerabilities in GStreamer
opensuse
August 14, 2025
An update that solves three vulnerabilities can now be installed.
Description
This update for gstreamer-plugins-base fixes the following issues:
* CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser
(bsc#1244404).
* CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser
(bsc#1244403).
* CVE-2025-47806: Fixed stack buffer overflow in SubRip subtitle parser
(bsc#1244407).
Patch
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2025-2796=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2025-2796=1
Package List
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* libgstrtp-1_0-0-debuginfo-1.22.0-150500.3.14.1
* gstreamer-plugins-base-debuginfo-1.22.0-150500.3.14.1
* libgstfft-1_0-0-1.22.0-150500.3.14.1
* typelib-1_0-GstSdp-1_0-1.22.0-150500.3.14.1
* libgstpbutils-1_0-0-1.22.0-150500.3.14.1
* typelib-1_0-GstAllocators-1_0-1.22.0-150500.3.14.1
* typelib-1_0-GstRtp-1_0-1.22.0-150500.3.14.1
* libgstrtsp-1_0-0-1.22.0-150500.3.14.1
* libgstvideo-1_0-0-debuginfo-1.22.0-150500.3.14.1
* libgstrtp-1_0-0-1.22.0-150500.3.14.1
* libgstriff-1_0-0-1.22.0-150500.3.14.1
* libgsttag-1_0-0-debuginfo-1.22.0-150500.3.14.1
* typelib-1_0-GstGLX11-1_0-1.22.0-150500.3.14.1
* gstreamer-plugins-base-1.22.0-150500.3.14.1
* libgstvideo-1_0-0-1.22.0-150500.3.14.1
* typelib-1_0-GstTag-1_0-1.22.0-150500.3.14.1
* libgstapp-1_0-0-1.22.0-150500.3.14.1
* libgstapp-1_0-0-debuginfo-1.22.0-150500.3.14.1
* libgstpbutils-1_0-0-debuginfo-1.22.0-150500.3.14.1
* typelib-1_0-GstPbutils-1_0-1.22.0-150500.3.14.1
* libgstaudio-1_0-0-1.22.0-150500.3.14.1
*...
Read the Full AdvisoryReferences
* bsc#1244403
* bsc#1244404
* bsc#1244407
## References:
* https://www.suse.com/security/cve/CVE-2025-47806.html
* https://www.suse.com/security/cve/CVE-2025-47807.html
* https://www.suse.com/security/cve/CVE-2025-47808.html
* https://bugzilla.suse.com/show_bug.cgi?id=1244403
* https://bugzilla.suse.com/show_bug.cgi?id=1244404
* https://bugzilla.suse.com/show_bug.cgi?id=1244407
PREVIOUS
NEXT
Announcement ID: SUSE-SU-2025:02796-1
Release Date: 2025-08-14T14:35:44Z
Affected Products:
* openSUSE Leap 15.5
* SUSE Linux Enterprise Micro 5.5
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!