GStreamer
open source multimedia framework

Security Advisory 2026-0034

Summary: Division by zero in mDVDsub subtitle parser
Date: 2026-06-12
Affected Versions: GStreamer gst-plugins-base < 1.28.4
IDs: GStreamer-SA-2026-0034

Details

A division-by-zero vulnerability exists in the mDVDsub subtitle parser in gst-plugins-base when processing malformed subtitle files. The parser did not validate the frame rate value read from the subtitle file header, so zero or negative values could be passed to the floating-point-to-fraction conversion. A zero frame rate triggers a division that results in a critical warning and invalid timestamps, while negative frame rates are reinterpreted as huge positive numbers. In both cases, invalid timestamps are generated for the subtitle events.
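The kind of check described above, as an added example in plain C (it is not the GStreamer patch or code from gst-plugins-base). It assumes the common MicroDVD convention that a first line of the form `{1}{1}<fps>` carries the frame rate; the names `parse_fps_header`, `frame_to_ns` and the `MAX_FPS` ceiling are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_FPS 1000.0   /* assumed sanity ceiling, not taken from the advisory */

/* Parse a MicroDVD-style header line such as "{1}{1}23.976" (constructed).
 * Returns true and stores the rate only when it is usable as a divisor. */
static bool parse_fps_header(const char *line, double *fps_out)
{
    unsigned start = 0, end = 0;
    int consumed = 0;
    /* %n is only written if both "{n}" groups matched completely. */
    if (sscanf(line, "{%u}{%u}%n", &start, &end, &consumed) != 2 || consumed == 0)
        return false;
    if (start != 1 || end != 1)
        return false;                 /* ordinary subtitle line, not a header */

    char *stop = NULL;
    double fps = strtod(line + consumed, &stop);
    if (stop == line + consumed)
        return false;                 /* no number after the braces */
    /* The missing check: written so that 0, negatives, NaN and infinity all fail. */
    if (!(fps > 0.0 && fps <= MAX_FPS))
        return false;
    *fps_out = fps;
    return true;
}

/* Convert a frame index to nanoseconds; callers pass only a validated rate. */
static uint64_t frame_to_ns(unsigned frame, double fps)
{
    return (uint64_t)((double)frame / fps * 1e9);
}

int main(void)
{
    /* Constructed sample lines: one valid header, three invalid rates, one cue. */
    const char *samples[] = { "{1}{1}25.000", "{1}{1}0", "{1}{1}-25", "{1}{1}nan", "{10}{20}Hi" };
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++) {
        double fps;
        if (parse_fps_header(samples[i], &fps))
            printf("%-14s accepted: frame 50 -> %llu ns\n", samples[i], (unsigned long long)frame_to_ns(50, fps));
        else
            printf("%-14s not used as a frame rate\n", samples[i]);
    }
    return 0;
}
```

When the header is rejected, the caller keeps whatever frame rate it already had instead of deriving timestamps from an unusable divisor.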

Impact

A malicious third party could provide a crafted mDVDsub subtitle file with an invalid frame rate, resulting in invalid timestamps being generated for subtitle events, which would cause playback not to work correctly.

Solution

The gst-plugins-base 1.28.4 release addresses the issue. People using older versions of GStreamer should apply the patch and recompile.

References

The GStreamer project

CVE Database Entries

  • No CVE number assigned or pending

GStreamer 1.28.4 release

Patches

