Security Advisory 2026-0036
| Summary | Out-of-bounds read in SBC audio parser header parsing |
| Date | 2026-06-12 |
| Affected Versions | GStreamer gst-plugins-good < 1.28.4 |
| IDs | GStreamer-SA-2026-0036 |
Details
An out-of-bounds read vulnerability exists in the SBC audio parser in gst-plugins-good. The sbcparse element lacked proper bounds validation when parsing SBC frame headers: it read 8 bytes from input buffers without checking the available data size. Additionally, when parsing multi-frame buffers, the parser failed to account for the remaining buffer length between frames, allowing reads beyond the actual buffer boundaries.
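The two checks described above, in a stand-alone frame walker: the header is read only when enough bytes remain, and the remaining length is re-checked before each further frame. This is an added example, not the GStreamer patch or sbcparse code. The function names and sample buffer are made up here, the header layout and frame-length formula are those of the SBC frame format, and the CRC byte is not verified.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SBC_SYNC    0x9C
#define SBC_HDR_LEN 4   /* sync, parameters, bitpool, CRC */

/* Frame length implied by a header; caller guarantees SBC_HDR_LEN readable bytes. */
static size_t sbc_frame_len(const uint8_t *h)
{
    static const unsigned blocks_tab[4] = { 4, 8, 12, 16 };
    unsigned blocks   = blocks_tab[(h[1] >> 4) & 0x03];
    unsigned mode     = (h[1] >> 2) & 0x03;  /* 0 mono, 1 dual, 2 stereo, 3 joint */
    unsigned subbands = (h[1] & 0x01) ? 8 : 4;
    unsigned channels = (mode == 0) ? 1 : 2;
    unsigned bitpool  = h[2], bits;

    if (mode <= 1)      bits = blocks * channels * bitpool;
    else if (mode == 2) bits = blocks * bitpool;
    else                bits = subbands + blocks * bitpool;
    return SBC_HDR_LEN + (subbands * channels) / 2 + (bits + 7) / 8;
}

/* Count the complete frames at the start of buf; *used gets the bytes they span. */
size_t sbc_count_frames(const uint8_t *buf, size_t len, size_t *used)
{
    size_t off = 0, frames = 0;
    while (len - off >= SBC_HDR_LEN) {   /* header fits in what is left */
        size_t flen;
        if (buf[off] != SBC_SYNC) break; /* lost sync: stop */
        flen = sbc_frame_len(buf + off);
        if (flen > len - off) break;     /* frame is truncated: stop */
        off += flen;                     /* off never exceeds len */
        frames++;
    }
    if (used) *used = off;
    return frames;
}

/* Constructed sample: one 7-byte frame (mono, 4 blocks, 4 subbands, bitpool 2)
 * followed by 3 bytes of a second header that is cut short. */
static const uint8_t sample[] = { 0x9C, 0x00, 0x02, 0x00, 0, 0, 0, 0x9C, 0x00, 0x02 };

int main(void)
{
    size_t used, n = sbc_count_frames(sample, sizeof sample, &used);
    printf("%zu frame(s), %zu bytes consumed\n", n, used);
    return 0;
}
```

The walker stops at the undersized second frame instead of reading past the end of the buffer, and reports how many bytes the complete frames covered so the caller can wait for more data.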
Impact
A malicious third party could trigger out-of-bounds reads by providing a crafted SBC audio file with undersized frames, potentially resulting in a crash, denial of service, or information disclosure.
Solution
The gst-plugins-good 1.28.4 release addresses the issue. People using older
versions of GStreamer should apply the patch and recompile.
References
The GStreamer project
CVE Database Entries
- No CVE number assigned or pending
GStreamer 1.28.4 release
Patches