PT-2025-30625 · Gstreamer+6 · Gstreamer+6

Published

2025-06-03

Updated

2025-11-14

CVE-2025-47806

CVSS v3.1

5.6

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions GStreamer versions through 1.26.1

Description The parse subrip time function within the subparse plugin may write data beyond the allocated buffer on the stack, potentially causing a crash.

Recommendations Update GStreamer to a version later than 1.26.1.

Exploit

Fix

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121

Related Identifiers

ALT-PU-2025-9414

AZL-66180

AZL-66186

BDU:2025-14442

CVE-2025-47806

DLA-4371-1

OESA-2025-1616

SUSE-SU-2025:02020-1

SUSE-SU-2025:02302-1

SUSE-SU-2025:02304-1

SUSE-SU-2025:02472-1

SUSE-SU-2025:02796-1

SUSE-SU-2025:02919-1

SUSE-SU-2025:20507-1

SUSE-SU-2025:20751-1

SUSE-SU-2025_02020-1

SUSE-SU-2025_02302-1

SUSE-SU-2025_02304-1

SUSE-SU-2025_02919-1

USN-7716-1

USN-7827-1

Affected Products

Alt Linux

Debian

Gstreamer

Linuxmint

Red Os

Suse

Ubuntu

PT-2025-30625 · Gstreamer+6 · Gstreamer+6

CVE-2025-47806

Weakness Enumeration

Related Identifiers

Affected Products

References · 77