PT-2026-41013 · Gstreamer+2 · Gst-Plugins-Good+2

Published

2026-05-14

·

Updated

2026-05-28

·

CVE-2026-46470

CVSS v3.1

9.1

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions GStreamer gst-plugins-good versions prior to 1.28.2
Description An issue exists when parsing MP4 audio tracks where the isomp4 plugin's qtdemux audio caps() function fails to sufficiently validate atom data before performing division operations. This can result in a denial of service caused by an integer division by zero.
Recommendations Update to version 1.28.2 or later.

Fix

DoS

Divide By Zero

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-46470
ECHO-C7AB-A86E-DBB9
USN-8317-1

Affected Products

Linuxmint
Ubuntu
Gst-Plugins-Good