PT-2023-7229 · Gstreamer+10 · Gstreamer+10

Michael Randrianantenaina

·

Published

2023-10-19

·

Updated

2026-04-23

·

CVE-2023-44446

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions GStreamer (affected versions not specified)
Description This issue allows remote attackers to execute arbitrary code on affected installations of GStreamer. The specific flaw exists within the parsing of MXF video files, resulting from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Buffer Overflow

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-416

Related Identifiers

ALSA-2023:7791
ALSA-2023:7841
ALT-PU-2023-8147
ALT-PU-2023-8148
ALT-PU-2024-12626
ALT-PU-2024-12861
BDU:2023-08257
CESA-2023_7841
CESA-2024_0013
CESA-2024_0279
CVE-2023-44446
DLA-3673-1
DSA-5565-1
MGASA-2023-0354
OESA-2023-1943
OPENSUSE-SU-2023_4943-1
OPENSUSE-SU-2024:0305-1
OPENSUSE-SU-2024:13557-1
OPENSUSE-SU-2024_0005-1
OPENSUSE-SU-2024_0305-1
OPENSUSE-SU-2024_0793-1
RHSA-2023:7791
RHSA-2023:7792
RHSA-2023:7840
RHSA-2023:7841
RHSA-2023:7872
RHSA-2023:7873
RHSA-2023:7874
RHSA-2023:7875
RHSA-2023_7791
RHSA-2023_7841
RHSA-2024:0013
RHSA-2024:0279
RHSA-2024_0013
RHSA-2024_0279
RLSA-2023:7841
ROSA-SA-2024-2344
ROSA-SA-2024-2346
SUSE-SU-2023:4943-1
SUSE-SU-2024:0005-1
SUSE-SU-2024:0779-1
SUSE-SU-2024:0780-1
SUSE-SU-2024:0793-1
SUSE-SU-2024_0779-1
SUSE-SU-2024_0780-1
SUSE-SU-2024_0793-1
USN-6526-1
USN-8205-1
ZDI-23-1647

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Gstreamer
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu