Security Advisory 2026-0038
| Summary | Memory leak and NULL pointer dereference in gst-libav demuxer |
| Date | 2026-06-12 |
| Affected Versions | GStreamer gst-libav < 1.28.4 |
| IDs | GStreamer-SA-2026-0038 |
Details
The demuxer element of gst-libav has memory handling issues in its error code paths during stream opening. When the demuxer encounters an error while opening a media source, the cleanup path fails to free the I/O context, resulting in a memory leak on each failed open attempt. Additionally, the cleanup path dereferences the pointer to the format context structure without verifying that it is valid; this pointer can be NULL when allocation of the structure fails during the open operation.
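The C model below is an added example, not code from gst-libav or from the patch. It shows the two cleanup defects described above beside a hardened cleanup. The types `io_ctx` and `fmt_ctx`, all function names and the allocation counter are hypothetical stand-ins, and the flawed branch reports the NULL dereference instead of performing it so that the program stays runnable.

```c
#include <stdlib.h>

/* Hypothetical stand-ins for a format context and its I/O context (not libav types). */
typedef struct { unsigned char *buf; } io_ctx;
typedef struct { io_ctx *pb; } fmt_ctx;
enum fail { FAIL_NONE, FAIL_ALLOC, FAIL_PROBE };
enum { WOULD_CRASH = -1 };

static int live; /* outstanding allocations, so a leak is observable */
static void *xalloc(size_t n) { void *p = calloc(1, n); if (p) live++; return p; }
static void xfree(void *p) { if (p) { free(p); live--; } }

static void io_free(io_ctx *io) { if (io) { xfree(io->buf); xfree(io); } }
static io_ctx *io_new(void) {
    io_ctx *io = xalloc(sizeof *io);
    if (io && !(io->buf = xalloc(4096))) { io_free(io); io = NULL; }
    return io;
}

/* Model of the open call: FAIL_ALLOC leaves *ctx NULL; FAIL_PROBE (corrupted
 * input) fails with *ctx still allocated. */
static int fmt_open(fmt_ctx **ctx, io_ctx *io, enum fail f) {
    *ctx = (f == FAIL_ALLOC) ? NULL : xalloc(sizeof **ctx);
    if (!*ctx) return -1;
    (*ctx)->pb = io;
    return (f == FAIL_PROBE) ? -2 : 0;
}

/* Opens and closes once; returns the allocations leaked by this attempt, or
 * WOULD_CRASH where the flawed cleanup would read through a NULL ctx. */
static int open_attempt(enum fail f, int hardened) {
    int before = live;
    fmt_ctx *ctx = NULL;
    io_ctx *io = io_new();
    if (!io) return 0;
    int ret = fmt_open(&ctx, io, f);
    if (hardened || ret == 0) {
        io_free(io);   /* caller-owned: free via the local pointer, never via ctx */
        xfree(ctx);    /* NULL-safe, covers the failed-allocation case */
    } else {
        /* Flawed cleanup reads ctx->pb here; the demo frees io only to reset the counter. */
        if (!ctx) { io_free(io); return WOULD_CRASH; }
        ctx->pb = NULL; /* detaches the I/O context without freeing it */
        xfree(ctx);
    }
    return live - before;
}
```

In the flawed branch, each failed open on corrupted input leaves two allocations behind (the I/O context and its buffer). Repeated attempts accumulate these, which is how the leak becomes resource exhaustion.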
Impact
A malicious third party could trigger a crash in the application, resulting in denial of service, when processing corrupted or specially crafted media files that cause the demuxer to fail during opening. Repeated failed open attempts may also lead to resource exhaustion through memory leaks.
Solution
The gst-libav 1.28.4 release addresses the issue. People using older
versions of GStreamer should apply the patch and recompile.
References
The GStreamer project
CVE Database Entries
- No CVE number assigned or pending
GStreamer 1.28.4 release
Patches