PT-2025-18343 · Gstreamer+10

Published 2025-04-30 · Updated 2026-04-26 · CVE-2025-3887

CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions
GStreamer versions prior to 1.22.0-4+deb12u6
GStreamer versions prior to 1.18.4-3+deb11u5
Description
A stack buffer overflow vulnerability exists in the H.265 codec parser within GStreamer. This vulnerability allows for remote code execution if a malformed media file is processed. The issue stems from insufficient validation of the length of user-supplied data before copying it to a fixed-length stack buffer.
Recommendations
Upgrade to GStreamer version 1.22.0-4+deb12u6 or later.
Upgrade to GStreamer version 1.18.4-3+deb11u5 or later.

Fix

RCE

Memory Corruption

Stack Overflow

Weakness Enumeration

Related Identifiers

ALSA-2025:8183
ALSA-2025:8184
ALSA-2025:8201
BDU:2025-11788
CESA-2025_8201
CVE-2025-3887
DLA-4219-1
DSA-5941-1
INFSA-2025_8183
INFSA-2025_8201
MGASA-2025-0264
OPENSUSE-SU-2025_01717-1
OPENSUSE-SU-2025_01718-1
OPENSUSE-SU-2025_01725-1
OPENSUSE-SU-2025_01737-1
RHSA-2025:8183
RHSA-2025:8184
RHSA-2025:8201
RHSA-2025:8976
RHSA-2025:8977
RHSA-2025:8978
RHSA-2025:8979
RHSA-2025:8980
RHSA-2025:8981
RHSA-2025:9056
RHSA-2025_8183
RHSA-2025_8201
SUSE-SU-2025:01717-1
SUSE-SU-2025:01718-1
SUSE-SU-2025:01725-1
SUSE-SU-2025:01729-1
SUSE-SU-2025:01737-1
SUSE-SU-2025_01717-1
SUSE-SU-2025_01718-1
SUSE-SU-2025_01725-1
SUSE-SU-2025_01729-1
SUSE-SU-2025_01737-1
USN-7558-1
USN-8205-1
ZDI-25-267

Affected Products

Almalinux
Astra Linux
Centos
Debian
Gstreamer
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu