GStreamer
open source multimedia framework

Security Advisory 2026-0042 (CVE-2026-53703, CVE-2026-53704)

Summary: Out-of-bounds reads and integer overflows in RealMedia demuxer
Date: 2026-06-12
Affected Versions: GStreamer gst-plugins-ugly < 1.28.4
IDs: GStreamer-SA-2026-0042, CVE-2026-53703, CVE-2026-53704

Details

Multiple vulnerabilities exist in the rmdemux element (RealMedia demuxer) and the rademux element (RealAudio demuxer) in gst-plugins-ugly when handling malformed RealMedia files. The demuxers lacked proper bounds validation when parsing file headers, stream properties, and audio packets, allowing out-of-bounds reads beyond the boundaries of the provided data buffers. Additionally, the use of signed integer types for size and length parameters could lead to integer overflows during size calculations and index operations.
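
The two classes of check described above, shown as an added example (this is not the GStreamer patch or the rmdemux code): a cursor that keeps lengths in unsigned `size_t` and validates a chunk's declared size before exposing its payload. The `rm_*` names are hypothetical, and the 10-byte chunk header layout (4-byte id, 32-bit big-endian size that includes the header, 16-bit version) is an assumption of this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Added example with illustrative names; not GStreamer's rmdemux code. */
#define RM_HDR_LEN 10u  /* assumed: 4-byte id + 4-byte size + 2-byte version */

typedef struct { const uint8_t *data; size_t size, pos; } rm_reader;
typedef struct { uint32_t id, size, version; } rm_chunk;

/* True only if n more bytes remain; subtraction form so pos + n never wraps. */
static bool rm_can_read(const rm_reader *r, size_t n) {
    return r->pos <= r->size && n <= r->size - r->pos;
}

/* Reads an n-byte (n <= 4) big-endian integer, or fails without moving. */
static bool rm_get_be(rm_reader *r, size_t n, uint32_t *out) {
    if (n > 4 || !rm_can_read(r, n)) return false;
    uint32_t v = 0;
    for (size_t i = 0; i < n; i++) v = (v << 8) | r->data[r->pos + i];
    r->pos += n;
    *out = v;
    return true;
}

/* Parses one chunk and returns its payload span; rewinds on failure. */
bool rm_next_chunk(rm_reader *r, rm_chunk *c, const uint8_t **body, size_t *len) {
    const size_t start = r->pos;
    if (rm_get_be(r, 4, &c->id) && rm_get_be(r, 4, &c->size) &&
        rm_get_be(r, 2, &c->version) && c->size >= RM_HDR_LEN) {
        size_t n = (size_t)c->size - RM_HDR_LEN;  /* cannot underflow */
        if (rm_can_read(r, n)) {                  /* declared size fits */
            *body = r->data + r->pos;
            *len = n;
            r->pos += n;
            return true;
        }
    }
    r->pos = start;
    return false;
}

int main(void) {
    /* Constructed sample: id "DATA", size 12, version 0, 2 payload bytes. */
    static const uint8_t ok[] = {'D','A','T','A', 0,0,0,12, 0,0, 0xAA,0xBB};
    rm_reader r = { ok, sizeof ok, 0 };
    rm_chunk c; const uint8_t *body; size_t len;
    printf("parsed=%d\n", rm_next_chunk(&r, &c, &body, &len));
    return 0;
}
```

A chunk whose declared size is smaller than the header or larger than the remaining buffer is rejected before any payload pointer is handed out.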

Impact

A malicious third party could trigger out-of-bounds reads or integer overflows by providing a crafted RealMedia file, potentially resulting in a crash, denial of service, or information disclosure.

Solution

The gst-plugins-ugly 1.28.4 release addresses the issue. People using older versions of GStreamer should apply the patch and recompile.

References

The GStreamer project

CVE Database Entries

GStreamer 1.28.4 release

Patches

