Advisories » MGASA-2025-0264

Updated gstreamer1.0-plugins-bad packages fix security vulnerability

Publication date: 06 Nov 2025
Modification date: 06 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-3887

Description

GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code
Execution Vulnerability. (CVE-2025-3887)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=34356
• https://ubuntu.com/security/notices/USN-7558-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3887

SRPMS

9/core

• gstreamer1.0-plugins-bad-1.22.11-1.1.mga9

9/tainted

• gstreamer1.0-plugins-bad-1.22.11-1.1.mga9.tainted