Advisories ยป MGASA-2024-0119

Updated gstreamer1.0 packages fix vulnerability

Publication date: 10 Apr 2024
Modification date: 10 Apr 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-0444

Description

Heap-based buffer overflow in the AV1 codec parser when handling certain
malformed streams before GStreamer 1.22.9
It is possible for a malicious third party to trigger a crash in the
application, and possibly also effect code execution through heap
manipulation.
                

References

SRPMS

9/core

9/tainted