Gstreamer · Gstreamer · CVE-2026-2921
**Name of the Vulnerable Software and Affected Versions**
GStreamer (affected versions not specified)
**Description**
This issue is a remote code execution flaw stemming from an integer overflow within the handling of RIFF palette data in AVI files. The problem arises from insufficient validation of user-supplied data, leading to a potential integer overflow before memory write operations. An attacker could exploit this to execute code within the current process context. Interaction with the GStreamer library is required for exploitation, and attack vectors may vary based on implementation.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.