Red Hat · Red Hat Enterprise Linux 10 · CVE-2026-53705
**Name of the Vulnerable Software and Affected Versions**
GStreamer (affected versions not specified)
**Description**
A flaw exists in the WavPack audio decoder within gst-plugins-good. An integer overflow occurs during the buffer size calculation (`4 * block_samples * channels`) inside the `gst_wavpack_dec_handle_frame()` function when processing a specially crafted WavPack file. This results in an undersized heap allocation, allowing the WavPack library to write decoded audio samples beyond the allocated buffer, leading to heap memory corruption. This issue impacts both 32-bit and 64-bit systems because the arithmetic is performed using 32-bit integers before being promoted to the allocation size type. A remote attacker could exploit this to crash an application or potentially execute arbitrary code if a user is convinced to open a malicious WavPack audio file.
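The 32-bit wrap described above, shown beside a checked size calculation, as an added example that is not GStreamer's code or its fix. The function names, the `MAX_UNPACKED_BYTES` cap and the sample header values are assumptions constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed upper bound on one decoded block (64 MiB); not a GStreamer constant. */
#define MAX_UNPACKED_BYTES ((uint64_t)64 * 1024 * 1024)

/* The pattern from the description: the product is formed in 32 bits and only
 * then widened, so it wraps modulo 2^32 on 32-bit and 64-bit builds alike.
 * uint32_t keeps the wrap well defined for this demonstration. */
static size_t unpacked_size_wrapping(uint32_t block_samples, uint32_t channels)
{
    uint32_t bytes = 4u * block_samples * channels;
    return (size_t)bytes;
}

/* Checked form: widen before multiplying, then bound the result before it
 * reaches the allocator. Returns false for a block that must be rejected. */
static bool unpacked_size_checked(uint32_t block_samples, uint32_t channels,
                                  size_t *out)
{
    uint64_t samples = (uint64_t)block_samples * channels; /* cannot overflow */
    if (samples > MAX_UNPACKED_BYTES / 4)
        return false;
    *out = (size_t)(samples * 4);
    return true;
}

int main(void)
{
    /* Constructed header values, not taken from any real file. */
    uint32_t block_samples = 0x20000001u, channels = 2;
    size_t n = 0;

    printf("wrapping: %zu bytes allocated\n",
           unpacked_size_wrapping(block_samples, channels));
    printf("true need: %llu bytes\n",
           4ULL * block_samples * channels);
    if (!unpacked_size_checked(block_samples, channels, &n))
        printf("checked: block rejected\n");
    if (unpacked_size_checked(4096, 2, &n))
        printf("checked: %zu bytes for 4096 samples x 2 channels\n", n);
    return 0;
}
```

With the constructed values the wrapping form yields an 8-byte size while the decoded samples need more than 4 GiB, which is the undersized allocation the description refers to.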
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.