GStreamer
open source multimedia framework
Home
Features
News
Annual Conference
Planet (Blogs)
Download
Applications
Security Center
GitLab
Developers
Documentation
Mailing Lists
File a Bug
Bug Lists
Artwork
Follow @gstreamer on Twitter

Security Advisory 2016-0001 (CVE-2016-9445) (CVE-2016-9446)

Summary Multiple Issues in VMNC decoder
Date 2016-11-17 16:00
Affected Versions GStreamer gst-plugins-bad 1.10 < 1.10.1
GStreamer gst-plugins-bad 1.x <= 1.8.3
ID GStreamer-SA-2016-0001
CVE ID CVE-2016-9445
CVE ID CVE-2016-9446

Details

The VMNC decoder in gst-plugins-bad contains an integer overflow vulnerability, and a failure to initialise output memory

Impact

If successful, a malicious third party could trigger either a crash in an application decoding a VMNC video stream, or an arbitratry code execution with the privileges of the target user. The failure to initialise output memory may result in an information leak.

Threat mitigation

Exploitation requires the user to access a VMNC stream or file.

Workarounds

The user should refrain from opening files from untrusted third parties or accessing untrusted remote sites, or disable the VMNC decoder plugin by removing the plugin binary file libgstvmnc.so or libgstvmnc.dll

Solution

The gst-plugins-bad 1.10.1 release addresses the issue. The upcoming gst-plugins-bad 1.8.4 release will also address the issue. People using older branches of GStreamer should apply the patch and recompile, or disable the VMNC plugin.

References

The GStreamer project

CVE Database Entries

GStreamer Bugzilla Entry

GStreamer Patches


Report a problem on this page.